./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec3_product53.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version e04fb08f Calling Ultimate with: /usr/lib/jvm/java-11-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/bin/utaipan-Xvt2sAort0/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/bin/utaipan-Xvt2sAort0/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/bin/utaipan-Xvt2sAort0/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/bin/utaipan-Xvt2sAort0/config/TaipanReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec3_product53.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/bin/utaipan-Xvt2sAort0/config/svcomp-Reach-32bit-Taipan_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/bin/utaipan-Xvt2sAort0 --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Taipan --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash e1c4d106eb612b91999bdca4bb49f57df1223b70f35ecd881d6daa6062cb1b0b --- Real Ultimate output --- [0.001s][warning][os,container] Duplicate cpuset controllers detected. Picking /sys/fs/cgroup/cpuset, skipping /sys/fs/cgroup/cpuset. This is Ultimate 0.2.2-dev-e04fb08 [2022-11-16 20:02:14,975 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-11-16 20:02:14,977 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-11-16 20:02:14,998 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-11-16 20:02:14,998 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-11-16 20:02:15,000 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-11-16 20:02:15,001 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-11-16 20:02:15,003 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-11-16 20:02:15,005 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-11-16 20:02:15,006 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-11-16 20:02:15,007 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-11-16 20:02:15,009 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-11-16 20:02:15,009 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-11-16 20:02:15,010 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-11-16 20:02:15,012 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-11-16 20:02:15,013 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-11-16 20:02:15,014 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-11-16 20:02:15,016 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-11-16 20:02:15,018 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-11-16 20:02:15,020 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-11-16 20:02:15,021 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-11-16 20:02:15,023 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-11-16 20:02:15,024 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-11-16 20:02:15,026 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-11-16 20:02:15,030 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-11-16 20:02:15,030 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-11-16 20:02:15,031 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-11-16 20:02:15,032 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-11-16 20:02:15,032 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-11-16 20:02:15,034 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-11-16 20:02:15,034 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-11-16 20:02:15,035 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-11-16 20:02:15,036 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-11-16 20:02:15,037 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-11-16 20:02:15,038 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-11-16 20:02:15,039 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-11-16 20:02:15,039 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-11-16 20:02:15,040 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-11-16 20:02:15,040 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-11-16 20:02:15,041 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-11-16 20:02:15,042 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-11-16 20:02:15,048 INFO L101 SettingsManager]: Beginning loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/bin/utaipan-Xvt2sAort0/config/svcomp-Reach-32bit-Taipan_Default.epf [2022-11-16 20:02:15,080 INFO L113 SettingsManager]: Loading preferences was successful [2022-11-16 20:02:15,091 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-11-16 20:02:15,092 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-11-16 20:02:15,093 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-11-16 20:02:15,093 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-11-16 20:02:15,094 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-11-16 20:02:15,094 INFO L138 SettingsManager]: * User list type=DISABLED [2022-11-16 20:02:15,095 INFO L136 SettingsManager]: Preferences of Abstract Interpretation differ from their defaults: [2022-11-16 20:02:15,095 INFO L138 SettingsManager]: * Explicit value domain=true [2022-11-16 20:02:15,095 INFO L138 SettingsManager]: * Abstract domain for RCFG-of-the-future=PoormanAbstractDomain [2022-11-16 20:02:15,096 INFO L138 SettingsManager]: * Octagon Domain=false [2022-11-16 20:02:15,097 INFO L138 SettingsManager]: * Abstract domain=CompoundDomain [2022-11-16 20:02:15,097 INFO L138 SettingsManager]: * Check feasibility of abstract posts with an SMT solver=true [2022-11-16 20:02:15,097 INFO L138 SettingsManager]: * Use the RCFG-of-the-future interface=true [2022-11-16 20:02:15,098 INFO L138 SettingsManager]: * Interval Domain=false [2022-11-16 20:02:15,098 INFO L136 SettingsManager]: Preferences of Sifa differ from their defaults: [2022-11-16 20:02:15,098 INFO L138 SettingsManager]: * Call Summarizer=TopInputCallSummarizer [2022-11-16 20:02:15,099 INFO L138 SettingsManager]: * Simplification Technique=POLY_PAC [2022-11-16 20:02:15,099 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-11-16 20:02:15,100 INFO L138 SettingsManager]: * sizeof long=4 [2022-11-16 20:02:15,100 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-11-16 20:02:15,100 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-11-16 20:02:15,101 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-11-16 20:02:15,101 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-11-16 20:02:15,101 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-11-16 20:02:15,101 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-11-16 20:02:15,102 INFO L138 SettingsManager]: * sizeof long double=12 [2022-11-16 20:02:15,102 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-11-16 20:02:15,102 INFO L138 SettingsManager]: * Use constant arrays=true [2022-11-16 20:02:15,103 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-11-16 20:02:15,103 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-11-16 20:02:15,103 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-11-16 20:02:15,104 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-16 20:02:15,104 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-11-16 20:02:15,104 INFO L138 SettingsManager]: * Abstract interpretation Mode=USE_PREDICATES [2022-11-16 20:02:15,105 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-11-16 20:02:15,106 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-11-16 20:02:15,106 INFO L138 SettingsManager]: * Trace refinement strategy=SIFA_TAIPAN [2022-11-16 20:02:15,106 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-11-16 20:02:15,106 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-11-16 20:02:15,107 INFO L138 SettingsManager]: * Trace refinement exception blacklist=NONE [2022-11-16 20:02:15,107 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/bin/utaipan-Xvt2sAort0/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/bin/utaipan-Xvt2sAort0 Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Taipan Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> e1c4d106eb612b91999bdca4bb49f57df1223b70f35ecd881d6daa6062cb1b0b [2022-11-16 20:02:15,459 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-11-16 20:02:15,497 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-11-16 20:02:15,500 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-11-16 20:02:15,502 INFO L271 PluginConnector]: Initializing CDTParser... [2022-11-16 20:02:15,503 INFO L275 PluginConnector]: CDTParser initialized [2022-11-16 20:02:15,504 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/bin/utaipan-Xvt2sAort0/../../sv-benchmarks/c/product-lines/minepump_spec3_product53.cil.c [2022-11-16 20:02:15,579 INFO L220 CDTParser]: Created temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/bin/utaipan-Xvt2sAort0/data/c4c69ed28/6706ba7b517f43299293d213bc474288/FLAGe182b2d13 [2022-11-16 20:02:16,113 INFO L306 CDTParser]: Found 1 translation units. [2022-11-16 20:02:16,113 INFO L160 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/sv-benchmarks/c/product-lines/minepump_spec3_product53.cil.c [2022-11-16 20:02:16,126 INFO L349 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/bin/utaipan-Xvt2sAort0/data/c4c69ed28/6706ba7b517f43299293d213bc474288/FLAGe182b2d13 [2022-11-16 20:02:16,431 INFO L357 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/bin/utaipan-Xvt2sAort0/data/c4c69ed28/6706ba7b517f43299293d213bc474288 [2022-11-16 20:02:16,434 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-11-16 20:02:16,436 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-11-16 20:02:16,444 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-11-16 20:02:16,444 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-11-16 20:02:16,447 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-11-16 20:02:16,448 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 16.11 08:02:16" (1/1) ... [2022-11-16 20:02:16,449 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@62f72d1b and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 08:02:16, skipping insertion in model container [2022-11-16 20:02:16,450 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 16.11 08:02:16" (1/1) ... [2022-11-16 20:02:16,458 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-11-16 20:02:16,527 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-11-16 20:02:16,741 WARN L229 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/sv-benchmarks/c/product-lines/minepump_spec3_product53.cil.c[1605,1618] [2022-11-16 20:02:16,947 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-16 20:02:16,962 INFO L203 MainTranslator]: Completed pre-run [2022-11-16 20:02:16,976 WARN L229 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/sv-benchmarks/c/product-lines/minepump_spec3_product53.cil.c[1605,1618] [2022-11-16 20:02:17,063 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-16 20:02:17,081 INFO L208 MainTranslator]: Completed translation [2022-11-16 20:02:17,081 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 08:02:17 WrapperNode [2022-11-16 20:02:17,082 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-11-16 20:02:17,083 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-11-16 20:02:17,083 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-11-16 20:02:17,083 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-11-16 20:02:17,091 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 08:02:17" (1/1) ... [2022-11-16 20:02:17,116 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 08:02:17" (1/1) ... [2022-11-16 20:02:17,148 INFO L138 Inliner]: procedures = 56, calls = 159, calls flagged for inlining = 23, calls inlined = 20, statements flattened = 281 [2022-11-16 20:02:17,149 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-11-16 20:02:17,150 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-11-16 20:02:17,150 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-11-16 20:02:17,150 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-11-16 20:02:17,160 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 08:02:17" (1/1) ... [2022-11-16 20:02:17,165 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 08:02:17" (1/1) ... [2022-11-16 20:02:17,167 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 08:02:17" (1/1) ... [2022-11-16 20:02:17,169 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 08:02:17" (1/1) ... [2022-11-16 20:02:17,180 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 08:02:17" (1/1) ... [2022-11-16 20:02:17,185 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 08:02:17" (1/1) ... [2022-11-16 20:02:17,187 INFO L185 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 08:02:17" (1/1) ... [2022-11-16 20:02:17,189 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 08:02:17" (1/1) ... [2022-11-16 20:02:17,194 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-11-16 20:02:17,196 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-11-16 20:02:17,196 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-11-16 20:02:17,196 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-11-16 20:02:17,202 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 08:02:17" (1/1) ... [2022-11-16 20:02:17,209 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-16 20:02:17,223 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/bin/utaipan-Xvt2sAort0/z3 [2022-11-16 20:02:17,235 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/bin/utaipan-Xvt2sAort0/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-11-16 20:02:17,244 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/bin/utaipan-Xvt2sAort0/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-11-16 20:02:17,275 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-11-16 20:02:17,275 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-11-16 20:02:17,275 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-11-16 20:02:17,275 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2022-11-16 20:02:17,276 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2022-11-16 20:02:17,276 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-11-16 20:02:17,276 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-11-16 20:02:17,276 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-11-16 20:02:17,276 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-11-16 20:02:17,276 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2022-11-16 20:02:17,276 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2022-11-16 20:02:17,276 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-11-16 20:02:17,277 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-11-16 20:02:17,277 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__lowWaterSensor [2022-11-16 20:02:17,277 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__lowWaterSensor [2022-11-16 20:02:17,277 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2022-11-16 20:02:17,277 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2022-11-16 20:02:17,277 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-11-16 20:02:17,277 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-11-16 20:02:17,277 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-11-16 20:02:17,278 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-11-16 20:02:17,278 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-11-16 20:02:17,372 INFO L235 CfgBuilder]: Building ICFG [2022-11-16 20:02:17,375 INFO L261 CfgBuilder]: Building CFG for each procedure with an implementation [2022-11-16 20:02:17,923 INFO L276 CfgBuilder]: Performing block encoding [2022-11-16 20:02:18,052 INFO L295 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-11-16 20:02:18,053 INFO L300 CfgBuilder]: Removed 2 assume(true) statements. [2022-11-16 20:02:18,055 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 16.11 08:02:18 BoogieIcfgContainer [2022-11-16 20:02:18,056 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-11-16 20:02:18,058 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-11-16 20:02:18,059 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-11-16 20:02:18,068 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-11-16 20:02:18,069 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 16.11 08:02:16" (1/3) ... [2022-11-16 20:02:18,070 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@7327c4a8 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 16.11 08:02:18, skipping insertion in model container [2022-11-16 20:02:18,070 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 08:02:17" (2/3) ... [2022-11-16 20:02:18,071 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@7327c4a8 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 16.11 08:02:18, skipping insertion in model container [2022-11-16 20:02:18,071 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 16.11 08:02:18" (3/3) ... [2022-11-16 20:02:18,072 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec3_product53.cil.c [2022-11-16 20:02:18,093 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-11-16 20:02:18,093 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-11-16 20:02:18,203 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-11-16 20:02:18,212 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@6651c94e, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2022-11-16 20:02:18,213 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-11-16 20:02:18,219 INFO L276 IsEmpty]: Start isEmpty. Operand has 69 states, 42 states have (on average 1.4285714285714286) internal successors, (60), 52 states have internal predecessors, (60), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) [2022-11-16 20:02:18,230 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 18 [2022-11-16 20:02:18,231 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 20:02:18,232 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 20:02:18,233 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 20:02:18,239 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 20:02:18,240 INFO L85 PathProgramCache]: Analyzing trace with hash -345957679, now seen corresponding path program 1 times [2022-11-16 20:02:18,250 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-16 20:02:18,251 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1290425266] [2022-11-16 20:02:18,251 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 20:02:18,252 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 20:02:18,448 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 20:02:18,566 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-16 20:02:18,567 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-16 20:02:18,567 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1290425266] [2022-11-16 20:02:18,568 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1290425266] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 20:02:18,568 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-16 20:02:18,568 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-11-16 20:02:18,570 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [232647331] [2022-11-16 20:02:18,571 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 20:02:18,575 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-11-16 20:02:18,577 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-16 20:02:18,605 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-11-16 20:02:18,606 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-16 20:02:18,609 INFO L87 Difference]: Start difference. First operand has 69 states, 42 states have (on average 1.4285714285714286) internal successors, (60), 52 states have internal predecessors, (60), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) Second operand has 2 states, 2 states have (on average 6.5) internal successors, (13), 2 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-16 20:02:18,707 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 20:02:18,708 INFO L93 Difference]: Finished difference Result 136 states and 185 transitions. [2022-11-16 20:02:18,709 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-11-16 20:02:18,711 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 6.5) internal successors, (13), 2 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 17 [2022-11-16 20:02:18,711 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 20:02:18,719 INFO L225 Difference]: With dead ends: 136 [2022-11-16 20:02:18,720 INFO L226 Difference]: Without dead ends: 64 [2022-11-16 20:02:18,723 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-16 20:02:18,726 INFO L413 NwaCegarLoop]: 70 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 19 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 70 SdHoareTripleChecker+Invalid, 20 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 19 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-16 20:02:18,727 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 70 Invalid, 20 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 19 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-16 20:02:18,740 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 64 states. [2022-11-16 20:02:18,761 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 64 to 64. [2022-11-16 20:02:18,763 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 64 states, 39 states have (on average 1.3333333333333333) internal successors, (52), 48 states have internal predecessors, (52), 16 states have call successors, (16), 9 states have call predecessors, (16), 8 states have return successors, (15), 10 states have call predecessors, (15), 15 states have call successors, (15) [2022-11-16 20:02:18,767 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 64 states to 64 states and 83 transitions. [2022-11-16 20:02:18,769 INFO L78 Accepts]: Start accepts. Automaton has 64 states and 83 transitions. Word has length 17 [2022-11-16 20:02:18,769 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 20:02:18,769 INFO L495 AbstractCegarLoop]: Abstraction has 64 states and 83 transitions. [2022-11-16 20:02:18,769 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 6.5) internal successors, (13), 2 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-16 20:02:18,770 INFO L276 IsEmpty]: Start isEmpty. Operand 64 states and 83 transitions. [2022-11-16 20:02:18,772 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 19 [2022-11-16 20:02:18,772 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 20:02:18,772 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 20:02:18,773 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-11-16 20:02:18,773 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 20:02:18,774 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 20:02:18,774 INFO L85 PathProgramCache]: Analyzing trace with hash 2054920652, now seen corresponding path program 1 times [2022-11-16 20:02:18,774 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-16 20:02:18,774 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [452601418] [2022-11-16 20:02:18,775 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 20:02:18,775 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 20:02:18,795 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 20:02:18,868 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-16 20:02:18,868 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-16 20:02:18,868 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [452601418] [2022-11-16 20:02:18,869 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [452601418] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 20:02:18,869 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-16 20:02:18,869 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-16 20:02:18,869 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [948043399] [2022-11-16 20:02:18,869 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 20:02:18,871 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-16 20:02:18,871 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-16 20:02:18,872 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-16 20:02:18,872 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-16 20:02:18,872 INFO L87 Difference]: Start difference. First operand 64 states and 83 transitions. Second operand has 3 states, 3 states have (on average 4.666666666666667) internal successors, (14), 3 states have internal predecessors, (14), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-16 20:02:18,945 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 20:02:18,950 INFO L93 Difference]: Finished difference Result 105 states and 137 transitions. [2022-11-16 20:02:18,951 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-16 20:02:18,951 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 4.666666666666667) internal successors, (14), 3 states have internal predecessors, (14), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 18 [2022-11-16 20:02:18,951 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 20:02:18,953 INFO L225 Difference]: With dead ends: 105 [2022-11-16 20:02:18,953 INFO L226 Difference]: Without dead ends: 56 [2022-11-16 20:02:18,954 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-16 20:02:18,955 INFO L413 NwaCegarLoop]: 56 mSDtfsCounter, 7 mSDsluCounter, 47 mSDsCounter, 0 mSdLazyCounter, 29 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 10 SdHoareTripleChecker+Valid, 103 SdHoareTripleChecker+Invalid, 29 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 29 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-16 20:02:18,958 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [10 Valid, 103 Invalid, 29 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 29 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-16 20:02:18,959 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 56 states. [2022-11-16 20:02:18,967 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 56 to 56. [2022-11-16 20:02:18,967 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 56 states, 34 states have (on average 1.3529411764705883) internal successors, (46), 43 states have internal predecessors, (46), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 8 states have call predecessors, (13), 13 states have call successors, (13) [2022-11-16 20:02:18,969 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 56 states to 56 states and 72 transitions. [2022-11-16 20:02:18,969 INFO L78 Accepts]: Start accepts. Automaton has 56 states and 72 transitions. Word has length 18 [2022-11-16 20:02:18,969 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 20:02:18,970 INFO L495 AbstractCegarLoop]: Abstraction has 56 states and 72 transitions. [2022-11-16 20:02:18,970 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 4.666666666666667) internal successors, (14), 3 states have internal predecessors, (14), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-16 20:02:18,970 INFO L276 IsEmpty]: Start isEmpty. Operand 56 states and 72 transitions. [2022-11-16 20:02:18,971 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 21 [2022-11-16 20:02:18,971 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 20:02:18,972 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 20:02:18,972 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-11-16 20:02:18,972 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 20:02:18,973 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 20:02:18,973 INFO L85 PathProgramCache]: Analyzing trace with hash -1947969008, now seen corresponding path program 1 times [2022-11-16 20:02:18,973 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-16 20:02:18,974 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [121426971] [2022-11-16 20:02:18,974 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 20:02:18,974 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 20:02:19,018 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 20:02:19,107 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-16 20:02:19,107 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-16 20:02:19,107 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [121426971] [2022-11-16 20:02:19,108 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [121426971] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 20:02:19,108 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-16 20:02:19,108 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-16 20:02:19,108 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1651578491] [2022-11-16 20:02:19,109 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 20:02:19,109 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-16 20:02:19,109 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-16 20:02:19,110 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-16 20:02:19,110 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-16 20:02:19,111 INFO L87 Difference]: Start difference. First operand 56 states and 72 transitions. Second operand has 3 states, 3 states have (on average 5.666666666666667) internal successors, (17), 3 states have internal predecessors, (17), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-16 20:02:19,211 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 20:02:19,212 INFO L93 Difference]: Finished difference Result 110 states and 143 transitions. [2022-11-16 20:02:19,212 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-16 20:02:19,213 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 5.666666666666667) internal successors, (17), 3 states have internal predecessors, (17), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 20 [2022-11-16 20:02:19,213 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 20:02:19,214 INFO L225 Difference]: With dead ends: 110 [2022-11-16 20:02:19,214 INFO L226 Difference]: Without dead ends: 56 [2022-11-16 20:02:19,215 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-16 20:02:19,216 INFO L413 NwaCegarLoop]: 54 mSDtfsCounter, 61 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 17 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 61 SdHoareTripleChecker+Valid, 54 SdHoareTripleChecker+Invalid, 17 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 17 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-16 20:02:19,217 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [61 Valid, 54 Invalid, 17 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 17 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-16 20:02:19,218 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 56 states. [2022-11-16 20:02:19,237 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 56 to 56. [2022-11-16 20:02:19,238 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 56 states, 34 states have (on average 1.3235294117647058) internal successors, (45), 43 states have internal predecessors, (45), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 8 states have call predecessors, (13), 13 states have call successors, (13) [2022-11-16 20:02:19,239 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 56 states to 56 states and 71 transitions. [2022-11-16 20:02:19,239 INFO L78 Accepts]: Start accepts. Automaton has 56 states and 71 transitions. Word has length 20 [2022-11-16 20:02:19,240 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 20:02:19,240 INFO L495 AbstractCegarLoop]: Abstraction has 56 states and 71 transitions. [2022-11-16 20:02:19,240 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 5.666666666666667) internal successors, (17), 3 states have internal predecessors, (17), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-16 20:02:19,240 INFO L276 IsEmpty]: Start isEmpty. Operand 56 states and 71 transitions. [2022-11-16 20:02:19,241 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2022-11-16 20:02:19,242 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 20:02:19,242 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 20:02:19,242 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-11-16 20:02:19,243 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 20:02:19,243 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 20:02:19,243 INFO L85 PathProgramCache]: Analyzing trace with hash -931900255, now seen corresponding path program 1 times [2022-11-16 20:02:19,243 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-16 20:02:19,244 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1483493491] [2022-11-16 20:02:19,248 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 20:02:19,248 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 20:02:19,281 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 20:02:19,359 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-16 20:02:19,359 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-16 20:02:19,360 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1483493491] [2022-11-16 20:02:19,360 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1483493491] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 20:02:19,360 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-16 20:02:19,360 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-16 20:02:19,360 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [612452082] [2022-11-16 20:02:19,361 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 20:02:19,361 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-16 20:02:19,361 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-16 20:02:19,362 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-16 20:02:19,362 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-16 20:02:19,362 INFO L87 Difference]: Start difference. First operand 56 states and 71 transitions. Second operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-11-16 20:02:19,439 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 20:02:19,439 INFO L93 Difference]: Finished difference Result 149 states and 194 transitions. [2022-11-16 20:02:19,440 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-16 20:02:19,440 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) Word has length 30 [2022-11-16 20:02:19,440 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 20:02:19,442 INFO L225 Difference]: With dead ends: 149 [2022-11-16 20:02:19,442 INFO L226 Difference]: Without dead ends: 95 [2022-11-16 20:02:19,443 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-16 20:02:19,444 INFO L413 NwaCegarLoop]: 74 mSDtfsCounter, 43 mSDsluCounter, 45 mSDsCounter, 0 mSdLazyCounter, 36 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 43 SdHoareTripleChecker+Valid, 119 SdHoareTripleChecker+Invalid, 42 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 36 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-16 20:02:19,445 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [43 Valid, 119 Invalid, 42 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 36 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-16 20:02:19,446 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 95 states. [2022-11-16 20:02:19,462 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 95 to 93. [2022-11-16 20:02:19,462 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 93 states, 60 states have (on average 1.2666666666666666) internal successors, (76), 68 states have internal predecessors, (76), 17 states have call successors, (17), 15 states have call predecessors, (17), 15 states have return successors, (23), 15 states have call predecessors, (23), 17 states have call successors, (23) [2022-11-16 20:02:19,464 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 93 states to 93 states and 116 transitions. [2022-11-16 20:02:19,464 INFO L78 Accepts]: Start accepts. Automaton has 93 states and 116 transitions. Word has length 30 [2022-11-16 20:02:19,465 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 20:02:19,465 INFO L495 AbstractCegarLoop]: Abstraction has 93 states and 116 transitions. [2022-11-16 20:02:19,465 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-11-16 20:02:19,465 INFO L276 IsEmpty]: Start isEmpty. Operand 93 states and 116 transitions. [2022-11-16 20:02:19,466 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2022-11-16 20:02:19,466 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 20:02:19,466 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 20:02:19,467 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-11-16 20:02:19,467 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 20:02:19,467 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 20:02:19,467 INFO L85 PathProgramCache]: Analyzing trace with hash -1202776850, now seen corresponding path program 1 times [2022-11-16 20:02:19,468 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-16 20:02:19,468 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [480022940] [2022-11-16 20:02:19,468 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 20:02:19,468 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 20:02:19,488 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 20:02:19,667 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-16 20:02:19,668 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-16 20:02:19,668 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [480022940] [2022-11-16 20:02:19,669 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [480022940] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 20:02:19,669 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-16 20:02:19,672 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-11-16 20:02:19,674 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1418993333] [2022-11-16 20:02:19,674 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 20:02:19,675 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-11-16 20:02:19,675 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-16 20:02:19,676 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-11-16 20:02:19,677 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2022-11-16 20:02:19,677 INFO L87 Difference]: Start difference. First operand 93 states and 116 transitions. Second operand has 6 states, 6 states have (on average 4.333333333333333) internal successors, (26), 6 states have internal predecessors, (26), 3 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-16 20:02:19,902 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 20:02:19,902 INFO L93 Difference]: Finished difference Result 188 states and 241 transitions. [2022-11-16 20:02:19,903 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-11-16 20:02:19,903 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.333333333333333) internal successors, (26), 6 states have internal predecessors, (26), 3 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 33 [2022-11-16 20:02:19,903 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 20:02:19,905 INFO L225 Difference]: With dead ends: 188 [2022-11-16 20:02:19,905 INFO L226 Difference]: Without dead ends: 97 [2022-11-16 20:02:19,906 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=27, Invalid=45, Unknown=0, NotChecked=0, Total=72 [2022-11-16 20:02:19,907 INFO L413 NwaCegarLoop]: 67 mSDtfsCounter, 132 mSDsluCounter, 100 mSDsCounter, 0 mSdLazyCounter, 86 mSolverCounterSat, 57 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 135 SdHoareTripleChecker+Valid, 167 SdHoareTripleChecker+Invalid, 143 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 57 IncrementalHoareTripleChecker+Valid, 86 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-11-16 20:02:19,908 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [135 Valid, 167 Invalid, 143 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [57 Valid, 86 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-11-16 20:02:19,909 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 97 states. [2022-11-16 20:02:19,945 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 97 to 93. [2022-11-16 20:02:19,946 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 93 states, 60 states have (on average 1.2) internal successors, (72), 68 states have internal predecessors, (72), 17 states have call successors, (17), 15 states have call predecessors, (17), 15 states have return successors, (22), 15 states have call predecessors, (22), 17 states have call successors, (22) [2022-11-16 20:02:19,952 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 93 states to 93 states and 111 transitions. [2022-11-16 20:02:19,952 INFO L78 Accepts]: Start accepts. Automaton has 93 states and 111 transitions. Word has length 33 [2022-11-16 20:02:19,953 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 20:02:19,953 INFO L495 AbstractCegarLoop]: Abstraction has 93 states and 111 transitions. [2022-11-16 20:02:19,953 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 4.333333333333333) internal successors, (26), 6 states have internal predecessors, (26), 3 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-16 20:02:19,954 INFO L276 IsEmpty]: Start isEmpty. Operand 93 states and 111 transitions. [2022-11-16 20:02:19,957 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 37 [2022-11-16 20:02:19,958 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 20:02:19,958 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 20:02:19,958 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-11-16 20:02:19,960 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 20:02:19,960 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 20:02:19,960 INFO L85 PathProgramCache]: Analyzing trace with hash -1715866396, now seen corresponding path program 1 times [2022-11-16 20:02:19,960 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-16 20:02:19,961 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [87175026] [2022-11-16 20:02:19,962 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 20:02:19,962 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 20:02:20,005 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 20:02:20,352 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-16 20:02:20,353 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-16 20:02:20,353 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [87175026] [2022-11-16 20:02:20,353 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [87175026] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 20:02:20,353 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-16 20:02:20,353 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-11-16 20:02:20,354 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1605869815] [2022-11-16 20:02:20,354 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 20:02:20,354 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-11-16 20:02:20,354 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-16 20:02:20,355 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-11-16 20:02:20,355 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=8, Invalid=12, Unknown=0, NotChecked=0, Total=20 [2022-11-16 20:02:20,355 INFO L87 Difference]: Start difference. First operand 93 states and 111 transitions. Second operand has 5 states, 5 states have (on average 5.4) internal successors, (27), 5 states have internal predecessors, (27), 3 states have call successors, (5), 2 states have call predecessors, (5), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2022-11-16 20:02:20,603 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 20:02:20,603 INFO L93 Difference]: Finished difference Result 318 states and 394 transitions. [2022-11-16 20:02:20,604 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-11-16 20:02:20,604 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 5.4) internal successors, (27), 5 states have internal predecessors, (27), 3 states have call successors, (5), 2 states have call predecessors, (5), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 36 [2022-11-16 20:02:20,605 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 20:02:20,615 INFO L225 Difference]: With dead ends: 318 [2022-11-16 20:02:20,615 INFO L226 Difference]: Without dead ends: 227 [2022-11-16 20:02:20,619 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=18, Invalid=24, Unknown=0, NotChecked=0, Total=42 [2022-11-16 20:02:20,620 INFO L413 NwaCegarLoop]: 84 mSDtfsCounter, 110 mSDsluCounter, 161 mSDsCounter, 0 mSdLazyCounter, 114 mSolverCounterSat, 12 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 110 SdHoareTripleChecker+Valid, 245 SdHoareTripleChecker+Invalid, 126 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 12 IncrementalHoareTripleChecker+Valid, 114 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-11-16 20:02:20,621 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [110 Valid, 245 Invalid, 126 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [12 Valid, 114 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-11-16 20:02:20,622 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 227 states. [2022-11-16 20:02:20,676 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 227 to 211. [2022-11-16 20:02:20,677 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 211 states, 138 states have (on average 1.181159420289855) internal successors, (163), 152 states have internal predecessors, (163), 38 states have call successors, (38), 34 states have call predecessors, (38), 34 states have return successors, (51), 34 states have call predecessors, (51), 38 states have call successors, (51) [2022-11-16 20:02:20,679 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 211 states to 211 states and 252 transitions. [2022-11-16 20:02:20,679 INFO L78 Accepts]: Start accepts. Automaton has 211 states and 252 transitions. Word has length 36 [2022-11-16 20:02:20,679 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 20:02:20,680 INFO L495 AbstractCegarLoop]: Abstraction has 211 states and 252 transitions. [2022-11-16 20:02:20,680 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 5.4) internal successors, (27), 5 states have internal predecessors, (27), 3 states have call successors, (5), 2 states have call predecessors, (5), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2022-11-16 20:02:20,680 INFO L276 IsEmpty]: Start isEmpty. Operand 211 states and 252 transitions. [2022-11-16 20:02:20,681 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 40 [2022-11-16 20:02:20,681 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 20:02:20,682 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 20:02:20,682 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-11-16 20:02:20,682 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 20:02:20,682 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 20:02:20,683 INFO L85 PathProgramCache]: Analyzing trace with hash -1320289595, now seen corresponding path program 1 times [2022-11-16 20:02:20,683 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-16 20:02:20,683 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [485837726] [2022-11-16 20:02:20,683 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 20:02:20,683 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 20:02:20,710 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 20:02:21,115 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-16 20:02:21,115 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-16 20:02:21,116 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [485837726] [2022-11-16 20:02:21,116 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [485837726] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 20:02:21,116 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-16 20:02:21,116 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2022-11-16 20:02:21,117 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1429649798] [2022-11-16 20:02:21,117 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 20:02:21,118 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2022-11-16 20:02:21,118 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-16 20:02:21,118 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2022-11-16 20:02:21,119 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=22, Invalid=50, Unknown=0, NotChecked=0, Total=72 [2022-11-16 20:02:21,120 INFO L87 Difference]: Start difference. First operand 211 states and 252 transitions. Second operand has 9 states, 8 states have (on average 3.5) internal successors, (28), 8 states have internal predecessors, (28), 6 states have call successors, (6), 3 states have call predecessors, (6), 3 states have return successors, (5), 3 states have call predecessors, (5), 5 states have call successors, (5) [2022-11-16 20:02:21,958 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 20:02:21,958 INFO L93 Difference]: Finished difference Result 486 states and 596 transitions. [2022-11-16 20:02:21,959 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 14 states. [2022-11-16 20:02:21,959 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 8 states have (on average 3.5) internal successors, (28), 8 states have internal predecessors, (28), 6 states have call successors, (6), 3 states have call predecessors, (6), 3 states have return successors, (5), 3 states have call predecessors, (5), 5 states have call successors, (5) Word has length 39 [2022-11-16 20:02:21,959 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 20:02:21,962 INFO L225 Difference]: With dead ends: 486 [2022-11-16 20:02:21,962 INFO L226 Difference]: Without dead ends: 395 [2022-11-16 20:02:21,963 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 19 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 30 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=65, Invalid=145, Unknown=0, NotChecked=0, Total=210 [2022-11-16 20:02:21,964 INFO L413 NwaCegarLoop]: 83 mSDtfsCounter, 304 mSDsluCounter, 196 mSDsCounter, 0 mSdLazyCounter, 593 mSolverCounterSat, 129 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 321 SdHoareTripleChecker+Valid, 279 SdHoareTripleChecker+Invalid, 722 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 129 IncrementalHoareTripleChecker+Valid, 593 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.6s IncrementalHoareTripleChecker+Time [2022-11-16 20:02:21,965 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [321 Valid, 279 Invalid, 722 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [129 Valid, 593 Invalid, 0 Unknown, 0 Unchecked, 0.6s Time] [2022-11-16 20:02:21,966 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 395 states. [2022-11-16 20:02:22,015 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 395 to 373. [2022-11-16 20:02:22,016 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 373 states, 248 states have (on average 1.1975806451612903) internal successors, (297), 271 states have internal predecessors, (297), 67 states have call successors, (67), 55 states have call predecessors, (67), 57 states have return successors, (87), 61 states have call predecessors, (87), 67 states have call successors, (87) [2022-11-16 20:02:22,019 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 373 states to 373 states and 451 transitions. [2022-11-16 20:02:22,019 INFO L78 Accepts]: Start accepts. Automaton has 373 states and 451 transitions. Word has length 39 [2022-11-16 20:02:22,020 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 20:02:22,020 INFO L495 AbstractCegarLoop]: Abstraction has 373 states and 451 transitions. [2022-11-16 20:02:22,020 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 8 states have (on average 3.5) internal successors, (28), 8 states have internal predecessors, (28), 6 states have call successors, (6), 3 states have call predecessors, (6), 3 states have return successors, (5), 3 states have call predecessors, (5), 5 states have call successors, (5) [2022-11-16 20:02:22,020 INFO L276 IsEmpty]: Start isEmpty. Operand 373 states and 451 transitions. [2022-11-16 20:02:22,022 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 64 [2022-11-16 20:02:22,023 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 20:02:22,023 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 20:02:22,023 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2022-11-16 20:02:22,023 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 20:02:22,024 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 20:02:22,024 INFO L85 PathProgramCache]: Analyzing trace with hash -1181740351, now seen corresponding path program 1 times [2022-11-16 20:02:22,024 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-16 20:02:22,025 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [664871471] [2022-11-16 20:02:22,025 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 20:02:22,025 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 20:02:22,050 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 20:02:22,874 INFO L134 CoverageAnalysis]: Checked inductivity of 21 backedges. 0 proven. 15 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2022-11-16 20:02:22,874 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-16 20:02:22,874 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [664871471] [2022-11-16 20:02:22,875 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [664871471] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-16 20:02:22,875 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [775504206] [2022-11-16 20:02:22,875 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 20:02:22,875 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-16 20:02:22,875 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/bin/utaipan-Xvt2sAort0/z3 [2022-11-16 20:02:22,883 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-16 20:02:22,905 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-11-16 20:02:23,020 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 20:02:23,041 INFO L263 TraceCheckSpWp]: Trace formula consists of 426 conjuncts, 24 conjunts are in the unsatisfiable core [2022-11-16 20:02:23,047 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-16 20:02:23,500 INFO L134 CoverageAnalysis]: Checked inductivity of 21 backedges. 4 proven. 11 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2022-11-16 20:02:23,500 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-16 20:02:23,978 INFO L134 CoverageAnalysis]: Checked inductivity of 21 backedges. 6 proven. 2 refuted. 0 times theorem prover too weak. 13 trivial. 0 not checked. [2022-11-16 20:02:23,978 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [775504206] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-16 20:02:23,978 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1232553349] [2022-11-16 20:02:24,013 INFO L159 IcfgInterpreter]: Started Sifa with 45 locations of interest [2022-11-16 20:02:24,014 INFO L166 IcfgInterpreter]: Building call graph [2022-11-16 20:02:24,019 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-16 20:02:24,024 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-16 20:02:24,025 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-16 20:02:31,021 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 294 for LOIs [2022-11-16 20:02:31,077 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 299 for LOIs [2022-11-16 20:02:33,080 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__lowWaterSensor with input of size 299 for LOIs [2022-11-16 20:02:34,296 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 299 for LOIs [2022-11-16 20:02:34,753 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneLevelCritical with input of size 292 for LOIs [2022-11-16 20:02:34,785 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-16 20:03:22,736 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSifa [1232553349] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 20:03:22,736 INFO L184 FreeRefinementEngine]: Found 1 perfect and 3 imperfect interpolant sequences. [2022-11-16 20:03:22,736 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [23] imperfect sequences [14, 9, 8] total 47 [2022-11-16 20:03:22,737 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1773356691] [2022-11-16 20:03:22,737 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 20:03:22,737 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 24 states [2022-11-16 20:03:22,738 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-16 20:03:22,738 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 24 interpolants. [2022-11-16 20:03:22,739 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=317, Invalid=1845, Unknown=0, NotChecked=0, Total=2162 [2022-11-16 20:03:22,739 INFO L87 Difference]: Start difference. First operand 373 states and 451 transitions. Second operand has 24 states, 20 states have (on average 1.7) internal successors, (34), 20 states have internal predecessors, (34), 6 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 6 states have call successors, (7) [2022-11-16 20:03:45,806 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 20:03:45,807 INFO L93 Difference]: Finished difference Result 765 states and 930 transitions. [2022-11-16 20:03:45,807 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 27 states. [2022-11-16 20:03:45,807 INFO L78 Accepts]: Start accepts. Automaton has has 24 states, 20 states have (on average 1.7) internal successors, (34), 20 states have internal predecessors, (34), 6 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 6 states have call successors, (7) Word has length 63 [2022-11-16 20:03:45,808 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 20:03:45,812 INFO L225 Difference]: With dead ends: 765 [2022-11-16 20:03:45,812 INFO L226 Difference]: Without dead ends: 464 [2022-11-16 20:03:45,815 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 211 GetRequests, 145 SyntacticMatches, 12 SemanticMatches, 54 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1442 ImplicationChecksByTransitivity, 67.1s TimeCoverageRelationStatistics Valid=471, Invalid=2609, Unknown=0, NotChecked=0, Total=3080 [2022-11-16 20:03:45,818 INFO L413 NwaCegarLoop]: 60 mSDtfsCounter, 118 mSDsluCounter, 489 mSDsCounter, 0 mSdLazyCounter, 1117 mSolverCounterSat, 52 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 3.7s Time, 0 mProtectedPredicate, 0 mProtectedAction, 119 SdHoareTripleChecker+Valid, 549 SdHoareTripleChecker+Invalid, 1169 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 52 IncrementalHoareTripleChecker+Valid, 1117 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 4.0s IncrementalHoareTripleChecker+Time [2022-11-16 20:03:45,818 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [119 Valid, 549 Invalid, 1169 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [52 Valid, 1117 Invalid, 0 Unknown, 0 Unchecked, 4.0s Time] [2022-11-16 20:03:45,820 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 464 states. [2022-11-16 20:03:45,967 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 464 to 439. [2022-11-16 20:03:45,969 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 439 states, 294 states have (on average 1.183673469387755) internal successors, (348), 318 states have internal predecessors, (348), 77 states have call successors, (77), 65 states have call predecessors, (77), 67 states have return successors, (97), 70 states have call predecessors, (97), 77 states have call successors, (97) [2022-11-16 20:03:45,972 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 439 states to 439 states and 522 transitions. [2022-11-16 20:03:45,973 INFO L78 Accepts]: Start accepts. Automaton has 439 states and 522 transitions. Word has length 63 [2022-11-16 20:03:45,973 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 20:03:45,973 INFO L495 AbstractCegarLoop]: Abstraction has 439 states and 522 transitions. [2022-11-16 20:03:45,973 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 24 states, 20 states have (on average 1.7) internal successors, (34), 20 states have internal predecessors, (34), 6 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 6 states have call successors, (7) [2022-11-16 20:03:45,974 INFO L276 IsEmpty]: Start isEmpty. Operand 439 states and 522 transitions. [2022-11-16 20:03:45,977 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 65 [2022-11-16 20:03:45,978 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 20:03:45,978 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 20:03:45,990 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-11-16 20:03:46,184 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable7 [2022-11-16 20:03:46,184 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 20:03:46,185 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 20:03:46,185 INFO L85 PathProgramCache]: Analyzing trace with hash -63369768, now seen corresponding path program 1 times [2022-11-16 20:03:46,185 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-16 20:03:46,185 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [770799972] [2022-11-16 20:03:46,185 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 20:03:46,185 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 20:03:46,215 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 20:03:46,857 INFO L134 CoverageAnalysis]: Checked inductivity of 22 backedges. 0 proven. 16 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2022-11-16 20:03:46,857 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-16 20:03:46,857 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [770799972] [2022-11-16 20:03:46,858 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [770799972] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-16 20:03:46,858 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1709568457] [2022-11-16 20:03:46,858 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 20:03:46,858 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-16 20:03:46,858 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/bin/utaipan-Xvt2sAort0/z3 [2022-11-16 20:03:46,861 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-16 20:03:46,884 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2022-11-16 20:03:46,967 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 20:03:46,970 INFO L263 TraceCheckSpWp]: Trace formula consists of 436 conjuncts, 30 conjunts are in the unsatisfiable core [2022-11-16 20:03:46,973 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-16 20:03:47,315 INFO L134 CoverageAnalysis]: Checked inductivity of 22 backedges. 8 proven. 9 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2022-11-16 20:03:47,315 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-16 20:03:47,756 INFO L134 CoverageAnalysis]: Checked inductivity of 22 backedges. 1 proven. 15 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2022-11-16 20:03:47,757 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1709568457] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-16 20:03:47,757 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [984200773] [2022-11-16 20:03:47,760 INFO L159 IcfgInterpreter]: Started Sifa with 45 locations of interest [2022-11-16 20:03:47,760 INFO L166 IcfgInterpreter]: Building call graph [2022-11-16 20:03:47,760 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-16 20:03:47,761 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-16 20:03:47,761 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-16 20:03:56,717 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 319 for LOIs [2022-11-16 20:03:56,781 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 28 for LOIs [2022-11-16 20:03:56,906 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__lowWaterSensor with input of size 24 for LOIs [2022-11-16 20:03:56,945 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 24 for LOIs [2022-11-16 20:03:56,966 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneLevelCritical with input of size 50 for LOIs [2022-11-16 20:03:56,977 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-16 20:04:08,282 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSifa [984200773] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 20:04:08,282 INFO L184 FreeRefinementEngine]: Found 1 perfect and 3 imperfect interpolant sequences. [2022-11-16 20:04:08,282 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [29] imperfect sequences [14, 12, 11] total 58 [2022-11-16 20:04:08,283 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1231016775] [2022-11-16 20:04:08,283 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 20:04:08,283 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 30 states [2022-11-16 20:04:08,283 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-16 20:04:08,284 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 30 interpolants. [2022-11-16 20:04:08,285 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=464, Invalid=2842, Unknown=0, NotChecked=0, Total=3306 [2022-11-16 20:04:08,286 INFO L87 Difference]: Start difference. First operand 439 states and 522 transitions. Second operand has 30 states, 24 states have (on average 1.4166666666666667) internal successors, (34), 24 states have internal predecessors, (34), 7 states have call successors, (7), 5 states have call predecessors, (7), 6 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2022-11-16 20:04:32,206 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 20:04:32,206 INFO L93 Difference]: Finished difference Result 706 states and 858 transitions. [2022-11-16 20:04:32,207 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 42 states. [2022-11-16 20:04:32,207 INFO L78 Accepts]: Start accepts. Automaton has has 30 states, 24 states have (on average 1.4166666666666667) internal successors, (34), 24 states have internal predecessors, (34), 7 states have call successors, (7), 5 states have call predecessors, (7), 6 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) Word has length 64 [2022-11-16 20:04:32,208 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 20:04:32,210 INFO L225 Difference]: With dead ends: 706 [2022-11-16 20:04:32,211 INFO L226 Difference]: Without dead ends: 525 [2022-11-16 20:04:32,213 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 227 GetRequests, 145 SyntacticMatches, 4 SemanticMatches, 78 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2247 ImplicationChecksByTransitivity, 32.9s TimeCoverageRelationStatistics Valid=840, Invalid=5480, Unknown=0, NotChecked=0, Total=6320 [2022-11-16 20:04:32,214 INFO L413 NwaCegarLoop]: 57 mSDtfsCounter, 224 mSDsluCounter, 536 mSDsCounter, 0 mSdLazyCounter, 1769 mSolverCounterSat, 114 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 2.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 227 SdHoareTripleChecker+Valid, 593 SdHoareTripleChecker+Invalid, 1883 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 114 IncrementalHoareTripleChecker+Valid, 1769 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 2.5s IncrementalHoareTripleChecker+Time [2022-11-16 20:04:32,214 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [227 Valid, 593 Invalid, 1883 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [114 Valid, 1769 Invalid, 0 Unknown, 0 Unchecked, 2.5s Time] [2022-11-16 20:04:32,215 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 525 states. [2022-11-16 20:04:32,337 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 525 to 506. [2022-11-16 20:04:32,338 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 506 states, 341 states have (on average 1.18475073313783) internal successors, (404), 367 states have internal predecessors, (404), 89 states have call successors, (89), 73 states have call predecessors, (89), 75 states have return successors, (113), 82 states have call predecessors, (113), 89 states have call successors, (113) [2022-11-16 20:04:32,341 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 506 states to 506 states and 606 transitions. [2022-11-16 20:04:32,342 INFO L78 Accepts]: Start accepts. Automaton has 506 states and 606 transitions. Word has length 64 [2022-11-16 20:04:32,342 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 20:04:32,343 INFO L495 AbstractCegarLoop]: Abstraction has 506 states and 606 transitions. [2022-11-16 20:04:32,343 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 30 states, 24 states have (on average 1.4166666666666667) internal successors, (34), 24 states have internal predecessors, (34), 7 states have call successors, (7), 5 states have call predecessors, (7), 6 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2022-11-16 20:04:32,343 INFO L276 IsEmpty]: Start isEmpty. Operand 506 states and 606 transitions. [2022-11-16 20:04:32,344 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 67 [2022-11-16 20:04:32,345 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 20:04:32,345 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 20:04:32,356 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2022-11-16 20:04:32,556 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8,3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-16 20:04:32,556 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 20:04:32,557 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 20:04:32,557 INFO L85 PathProgramCache]: Analyzing trace with hash -802407473, now seen corresponding path program 1 times [2022-11-16 20:04:32,557 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-16 20:04:32,557 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [426475031] [2022-11-16 20:04:32,557 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 20:04:32,558 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 20:04:32,573 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 20:04:32,800 INFO L134 CoverageAnalysis]: Checked inductivity of 21 backedges. 3 proven. 14 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2022-11-16 20:04:32,801 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-16 20:04:32,801 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [426475031] [2022-11-16 20:04:32,801 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [426475031] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-16 20:04:32,801 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1315095497] [2022-11-16 20:04:32,801 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 20:04:32,801 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-16 20:04:32,801 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/bin/utaipan-Xvt2sAort0/z3 [2022-11-16 20:04:32,802 INFO L229 MonitoredProcess]: Starting monitored process 4 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-16 20:04:32,827 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2022-11-16 20:04:32,912 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 20:04:32,914 INFO L263 TraceCheckSpWp]: Trace formula consists of 432 conjuncts, 19 conjunts are in the unsatisfiable core [2022-11-16 20:04:32,916 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-16 20:04:33,009 INFO L134 CoverageAnalysis]: Checked inductivity of 21 backedges. 17 proven. 3 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-11-16 20:04:33,009 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-16 20:04:33,207 INFO L134 CoverageAnalysis]: Checked inductivity of 21 backedges. 14 proven. 4 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-16 20:04:33,208 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1315095497] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-16 20:04:33,208 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1561390077] [2022-11-16 20:04:33,210 INFO L159 IcfgInterpreter]: Started Sifa with 48 locations of interest [2022-11-16 20:04:33,210 INFO L166 IcfgInterpreter]: Building call graph [2022-11-16 20:04:33,211 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-16 20:04:33,211 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-16 20:04:33,211 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-16 20:04:39,859 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 302 for LOIs [2022-11-16 20:04:39,933 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 44 for LOIs [2022-11-16 20:04:40,118 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__lowWaterSensor with input of size 25 for LOIs [2022-11-16 20:04:40,159 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 25 for LOIs [2022-11-16 20:04:40,180 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneLevelCritical with input of size 44 for LOIs [2022-11-16 20:04:40,190 INFO L197 IcfgInterpreter]: Interpreting procedure changeMethaneLevel with input of size 43 for LOIs [2022-11-16 20:04:40,198 INFO L197 IcfgInterpreter]: Interpreting procedure deactivatePump with input of size 25 for LOIs [2022-11-16 20:04:40,200 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-16 20:04:46,839 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '8965#(and (= ~pumpRunning~0 |timeShift_isPumpRunning_~retValue_acc~3#1|) (= |timeShift_getWaterLevel_~retValue_acc~7#1| |timeShift_getWaterLevel_#res#1|) (<= 0 |old(~pumpRunning~0)|) (= 0 |timeShift___utac_acc__Specification3_spec__1_~tmp___1~1#1|) (= ~head~0.offset 0) (= |timeShift_getWaterLevel_#res#1| |timeShift___utac_acc__Specification3_spec__1_~tmp___0~3#1|) (= 1 ~systemActive~0) (= 2 |timeShift___utac_acc__Specification3_spec__1_~tmp___0~3#1|) (= |timeShift_isPumpRunning_#res#1| |timeShift_isPumpRunning_~retValue_acc~3#1|) (= |timeShift_getWaterLevel_~retValue_acc~7#1| ~waterLevel~0) (= ~head~0.base 0) (= |timeShift_isPumpRunning_#res#1| |timeShift___utac_acc__Specification3_spec__1_~tmp___1~1#1|) (= |#NULL.offset| 0) (= |timeShift___utac_acc__Specification3_spec__1_~tmp~6#1| 0) (= ~methaneLevelCritical~0 |timeShift___utac_acc__Specification3_spec__1_~tmp~6#1|) (<= 0 |#StackHeapBarrier|) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-16 20:04:46,840 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-16 20:04:46,840 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-16 20:04:46,840 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [13, 9, 9] total 20 [2022-11-16 20:04:46,840 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1528564417] [2022-11-16 20:04:46,840 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-16 20:04:46,841 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 20 states [2022-11-16 20:04:46,841 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-16 20:04:46,841 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 20 interpolants. [2022-11-16 20:04:46,842 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=377, Invalid=2485, Unknown=0, NotChecked=0, Total=2862 [2022-11-16 20:04:46,842 INFO L87 Difference]: Start difference. First operand 506 states and 606 transitions. Second operand has 20 states, 15 states have (on average 4.6) internal successors, (69), 16 states have internal predecessors, (69), 5 states have call successors, (18), 2 states have call predecessors, (18), 8 states have return successors, (19), 9 states have call predecessors, (19), 5 states have call successors, (19) [2022-11-16 20:04:47,999 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 20:04:47,999 INFO L93 Difference]: Finished difference Result 1609 states and 2059 transitions. [2022-11-16 20:04:47,999 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 13 states. [2022-11-16 20:04:48,000 INFO L78 Accepts]: Start accepts. Automaton has has 20 states, 15 states have (on average 4.6) internal successors, (69), 16 states have internal predecessors, (69), 5 states have call successors, (18), 2 states have call predecessors, (18), 8 states have return successors, (19), 9 states have call predecessors, (19), 5 states have call successors, (19) Word has length 66 [2022-11-16 20:04:48,000 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 20:04:48,006 INFO L225 Difference]: With dead ends: 1609 [2022-11-16 20:04:48,007 INFO L226 Difference]: Without dead ends: 1082 [2022-11-16 20:04:48,010 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 225 GetRequests, 159 SyntacticMatches, 3 SemanticMatches, 63 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1147 ImplicationChecksByTransitivity, 7.2s TimeCoverageRelationStatistics Valid=566, Invalid=3594, Unknown=0, NotChecked=0, Total=4160 [2022-11-16 20:04:48,010 INFO L413 NwaCegarLoop]: 98 mSDtfsCounter, 301 mSDsluCounter, 410 mSDsCounter, 0 mSdLazyCounter, 564 mSolverCounterSat, 242 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 301 SdHoareTripleChecker+Valid, 508 SdHoareTripleChecker+Invalid, 806 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 242 IncrementalHoareTripleChecker+Valid, 564 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2022-11-16 20:04:48,011 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [301 Valid, 508 Invalid, 806 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [242 Valid, 564 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2022-11-16 20:04:48,012 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1082 states. [2022-11-16 20:04:48,236 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1082 to 909. [2022-11-16 20:04:48,238 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 909 states, 612 states have (on average 1.1568627450980393) internal successors, (708), 653 states have internal predecessors, (708), 160 states have call successors, (160), 131 states have call predecessors, (160), 136 states have return successors, (228), 147 states have call predecessors, (228), 160 states have call successors, (228) [2022-11-16 20:04:48,243 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 909 states to 909 states and 1096 transitions. [2022-11-16 20:04:48,244 INFO L78 Accepts]: Start accepts. Automaton has 909 states and 1096 transitions. Word has length 66 [2022-11-16 20:04:48,245 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 20:04:48,245 INFO L495 AbstractCegarLoop]: Abstraction has 909 states and 1096 transitions. [2022-11-16 20:04:48,245 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 20 states, 15 states have (on average 4.6) internal successors, (69), 16 states have internal predecessors, (69), 5 states have call successors, (18), 2 states have call predecessors, (18), 8 states have return successors, (19), 9 states have call predecessors, (19), 5 states have call successors, (19) [2022-11-16 20:04:48,245 INFO L276 IsEmpty]: Start isEmpty. Operand 909 states and 1096 transitions. [2022-11-16 20:04:48,248 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 68 [2022-11-16 20:04:48,248 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 20:04:48,249 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 20:04:48,259 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Forceful destruction successful, exit code 0 [2022-11-16 20:04:48,454 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 4 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2022-11-16 20:04:48,455 INFO L420 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 20:04:48,455 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 20:04:48,455 INFO L85 PathProgramCache]: Analyzing trace with hash -1188952438, now seen corresponding path program 1 times [2022-11-16 20:04:48,455 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-16 20:04:48,455 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1849293098] [2022-11-16 20:04:48,455 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 20:04:48,455 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 20:04:48,475 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 20:04:48,620 INFO L134 CoverageAnalysis]: Checked inductivity of 22 backedges. 16 proven. 2 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2022-11-16 20:04:48,620 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-16 20:04:48,620 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1849293098] [2022-11-16 20:04:48,621 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1849293098] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-16 20:04:48,621 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1638689869] [2022-11-16 20:04:48,621 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 20:04:48,621 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-16 20:04:48,621 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/bin/utaipan-Xvt2sAort0/z3 [2022-11-16 20:04:48,622 INFO L229 MonitoredProcess]: Starting monitored process 5 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-16 20:04:48,654 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Waiting until timeout for monitored process [2022-11-16 20:04:48,753 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 20:04:48,755 INFO L263 TraceCheckSpWp]: Trace formula consists of 442 conjuncts, 20 conjunts are in the unsatisfiable core [2022-11-16 20:04:48,758 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-16 20:04:48,984 INFO L134 CoverageAnalysis]: Checked inductivity of 22 backedges. 19 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-16 20:04:48,985 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-11-16 20:04:48,985 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1638689869] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 20:04:48,985 INFO L184 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2022-11-16 20:04:48,985 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [8] total 15 [2022-11-16 20:04:48,986 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1157799477] [2022-11-16 20:04:48,986 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 20:04:48,986 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2022-11-16 20:04:48,986 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-16 20:04:48,987 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2022-11-16 20:04:48,987 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=34, Invalid=176, Unknown=0, NotChecked=0, Total=210 [2022-11-16 20:04:48,988 INFO L87 Difference]: Start difference. First operand 909 states and 1096 transitions. Second operand has 9 states, 7 states have (on average 6.714285714285714) internal successors, (47), 6 states have internal predecessors, (47), 3 states have call successors, (10), 4 states have call predecessors, (10), 5 states have return successors, (9), 4 states have call predecessors, (9), 3 states have call successors, (9) [2022-11-16 20:04:49,781 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 20:04:49,782 INFO L93 Difference]: Finished difference Result 2203 states and 2681 transitions. [2022-11-16 20:04:49,782 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2022-11-16 20:04:49,783 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 7 states have (on average 6.714285714285714) internal successors, (47), 6 states have internal predecessors, (47), 3 states have call successors, (10), 4 states have call predecessors, (10), 5 states have return successors, (9), 4 states have call predecessors, (9), 3 states have call successors, (9) Word has length 67 [2022-11-16 20:04:49,783 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 20:04:49,792 INFO L225 Difference]: With dead ends: 2203 [2022-11-16 20:04:49,793 INFO L226 Difference]: Without dead ends: 1508 [2022-11-16 20:04:49,795 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 82 GetRequests, 62 SyntacticMatches, 0 SemanticMatches, 20 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 50 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=73, Invalid=389, Unknown=0, NotChecked=0, Total=462 [2022-11-16 20:04:49,796 INFO L413 NwaCegarLoop]: 18 mSDtfsCounter, 127 mSDsluCounter, 66 mSDsCounter, 0 mSdLazyCounter, 668 mSolverCounterSat, 83 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 130 SdHoareTripleChecker+Valid, 84 SdHoareTripleChecker+Invalid, 751 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 83 IncrementalHoareTripleChecker+Valid, 668 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2022-11-16 20:04:49,796 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [130 Valid, 84 Invalid, 751 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [83 Valid, 668 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2022-11-16 20:04:49,798 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1508 states. [2022-11-16 20:04:50,090 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1508 to 1260. [2022-11-16 20:04:50,092 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1260 states, 839 states have (on average 1.1477949940405245) internal successors, (963), 902 states have internal predecessors, (963), 227 states have call successors, (227), 186 states have call predecessors, (227), 193 states have return successors, (315), 208 states have call predecessors, (315), 227 states have call successors, (315) [2022-11-16 20:04:50,097 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1260 states to 1260 states and 1505 transitions. [2022-11-16 20:04:50,098 INFO L78 Accepts]: Start accepts. Automaton has 1260 states and 1505 transitions. Word has length 67 [2022-11-16 20:04:50,098 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 20:04:50,099 INFO L495 AbstractCegarLoop]: Abstraction has 1260 states and 1505 transitions. [2022-11-16 20:04:50,099 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 7 states have (on average 6.714285714285714) internal successors, (47), 6 states have internal predecessors, (47), 3 states have call successors, (10), 4 states have call predecessors, (10), 5 states have return successors, (9), 4 states have call predecessors, (9), 3 states have call successors, (9) [2022-11-16 20:04:50,099 INFO L276 IsEmpty]: Start isEmpty. Operand 1260 states and 1505 transitions. [2022-11-16 20:04:50,101 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 70 [2022-11-16 20:04:50,101 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 20:04:50,101 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 20:04:50,114 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Forceful destruction successful, exit code 0 [2022-11-16 20:04:50,307 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 5 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable10 [2022-11-16 20:04:50,307 INFO L420 AbstractCegarLoop]: === Iteration 12 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 20:04:50,308 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 20:04:50,308 INFO L85 PathProgramCache]: Analyzing trace with hash -460431069, now seen corresponding path program 1 times [2022-11-16 20:04:50,308 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-16 20:04:50,308 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [454988272] [2022-11-16 20:04:50,308 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 20:04:50,308 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 20:04:50,321 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 20:04:50,510 INFO L134 CoverageAnalysis]: Checked inductivity of 24 backedges. 18 proven. 2 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2022-11-16 20:04:50,511 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-16 20:04:50,511 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [454988272] [2022-11-16 20:04:50,511 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [454988272] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-16 20:04:50,511 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [516765699] [2022-11-16 20:04:50,511 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 20:04:50,512 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-16 20:04:50,512 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/bin/utaipan-Xvt2sAort0/z3 [2022-11-16 20:04:50,525 INFO L229 MonitoredProcess]: Starting monitored process 6 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-16 20:04:50,543 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Waiting until timeout for monitored process [2022-11-16 20:04:50,628 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 20:04:50,630 INFO L263 TraceCheckSpWp]: Trace formula consists of 438 conjuncts, 24 conjunts are in the unsatisfiable core [2022-11-16 20:04:50,633 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-16 20:04:50,904 INFO L134 CoverageAnalysis]: Checked inductivity of 24 backedges. 4 proven. 11 refuted. 0 times theorem prover too weak. 9 trivial. 0 not checked. [2022-11-16 20:04:50,904 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-16 20:04:51,293 INFO L134 CoverageAnalysis]: Checked inductivity of 24 backedges. 6 proven. 2 refuted. 0 times theorem prover too weak. 16 trivial. 0 not checked. [2022-11-16 20:04:51,294 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [516765699] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-16 20:04:51,294 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1841007274] [2022-11-16 20:04:51,300 INFO L159 IcfgInterpreter]: Started Sifa with 48 locations of interest [2022-11-16 20:04:51,300 INFO L166 IcfgInterpreter]: Building call graph [2022-11-16 20:04:51,301 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-16 20:04:51,301 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-16 20:04:51,301 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-16 20:04:58,043 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 302 for LOIs [2022-11-16 20:04:58,103 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 44 for LOIs [2022-11-16 20:04:58,301 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__lowWaterSensor with input of size 25 for LOIs [2022-11-16 20:04:58,331 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 25 for LOIs [2022-11-16 20:04:58,349 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneLevelCritical with input of size 44 for LOIs [2022-11-16 20:04:58,357 INFO L197 IcfgInterpreter]: Interpreting procedure changeMethaneLevel with input of size 43 for LOIs [2022-11-16 20:04:58,365 INFO L197 IcfgInterpreter]: Interpreting procedure deactivatePump with input of size 25 for LOIs [2022-11-16 20:04:58,367 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-16 20:05:05,271 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '18837#(and (= ~pumpRunning~0 |timeShift_isPumpRunning_~retValue_acc~3#1|) (= |timeShift_getWaterLevel_~retValue_acc~7#1| |timeShift_getWaterLevel_#res#1|) (<= 0 |old(~pumpRunning~0)|) (= 0 |timeShift___utac_acc__Specification3_spec__1_~tmp___1~1#1|) (= ~head~0.offset 0) (= |timeShift_getWaterLevel_#res#1| |timeShift___utac_acc__Specification3_spec__1_~tmp___0~3#1|) (= 1 ~systemActive~0) (= 2 |timeShift___utac_acc__Specification3_spec__1_~tmp___0~3#1|) (= |timeShift_isPumpRunning_#res#1| |timeShift_isPumpRunning_~retValue_acc~3#1|) (= |timeShift_getWaterLevel_~retValue_acc~7#1| ~waterLevel~0) (= ~head~0.base 0) (= |timeShift_isPumpRunning_#res#1| |timeShift___utac_acc__Specification3_spec__1_~tmp___1~1#1|) (= |#NULL.offset| 0) (= |timeShift___utac_acc__Specification3_spec__1_~tmp~6#1| 0) (= ~methaneLevelCritical~0 |timeShift___utac_acc__Specification3_spec__1_~tmp~6#1|) (<= 0 |#StackHeapBarrier|) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-16 20:05:05,271 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-16 20:05:05,271 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-16 20:05:05,271 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 9, 8] total 23 [2022-11-16 20:05:05,271 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2039476859] [2022-11-16 20:05:05,272 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-16 20:05:05,272 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 23 states [2022-11-16 20:05:05,272 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-16 20:05:05,274 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 23 interpolants. [2022-11-16 20:05:05,275 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=277, Invalid=2915, Unknown=0, NotChecked=0, Total=3192 [2022-11-16 20:05:05,275 INFO L87 Difference]: Start difference. First operand 1260 states and 1505 transitions. Second operand has 23 states, 20 states have (on average 5.35) internal successors, (107), 20 states have internal predecessors, (107), 10 states have call successors, (29), 8 states have call predecessors, (29), 9 states have return successors, (26), 12 states have call predecessors, (26), 10 states have call successors, (26) [2022-11-16 20:05:14,096 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 20:05:14,097 INFO L93 Difference]: Finished difference Result 3001 states and 3671 transitions. [2022-11-16 20:05:14,097 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 135 states. [2022-11-16 20:05:14,098 INFO L78 Accepts]: Start accepts. Automaton has has 23 states, 20 states have (on average 5.35) internal successors, (107), 20 states have internal predecessors, (107), 10 states have call successors, (29), 8 states have call predecessors, (29), 9 states have return successors, (26), 12 states have call predecessors, (26), 10 states have call successors, (26) Word has length 69 [2022-11-16 20:05:14,098 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 20:05:14,108 INFO L225 Difference]: With dead ends: 3001 [2022-11-16 20:05:14,109 INFO L226 Difference]: Without dead ends: 1832 [2022-11-16 20:05:14,121 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 386 GetRequests, 194 SyntacticMatches, 4 SemanticMatches, 188 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 12985 ImplicationChecksByTransitivity, 12.5s TimeCoverageRelationStatistics Valid=2810, Invalid=33100, Unknown=0, NotChecked=0, Total=35910 [2022-11-16 20:05:14,122 INFO L413 NwaCegarLoop]: 72 mSDtfsCounter, 1703 mSDsluCounter, 684 mSDsCounter, 0 mSdLazyCounter, 4590 mSolverCounterSat, 1184 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 2.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1703 SdHoareTripleChecker+Valid, 756 SdHoareTripleChecker+Invalid, 5774 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1184 IncrementalHoareTripleChecker+Valid, 4590 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 3.0s IncrementalHoareTripleChecker+Time [2022-11-16 20:05:14,122 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [1703 Valid, 756 Invalid, 5774 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1184 Valid, 4590 Invalid, 0 Unknown, 0 Unchecked, 3.0s Time] [2022-11-16 20:05:14,124 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1832 states. [2022-11-16 20:05:14,399 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1832 to 1491. [2022-11-16 20:05:14,402 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1491 states, 993 states have (on average 1.1158106747230614) internal successors, (1108), 1055 states have internal predecessors, (1108), 247 states have call successors, (247), 218 states have call predecessors, (247), 250 states have return successors, (323), 260 states have call predecessors, (323), 247 states have call successors, (323) [2022-11-16 20:05:14,407 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1491 states to 1491 states and 1678 transitions. [2022-11-16 20:05:14,408 INFO L78 Accepts]: Start accepts. Automaton has 1491 states and 1678 transitions. Word has length 69 [2022-11-16 20:05:14,408 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 20:05:14,408 INFO L495 AbstractCegarLoop]: Abstraction has 1491 states and 1678 transitions. [2022-11-16 20:05:14,409 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 23 states, 20 states have (on average 5.35) internal successors, (107), 20 states have internal predecessors, (107), 10 states have call successors, (29), 8 states have call predecessors, (29), 9 states have return successors, (26), 12 states have call predecessors, (26), 10 states have call successors, (26) [2022-11-16 20:05:14,409 INFO L276 IsEmpty]: Start isEmpty. Operand 1491 states and 1678 transitions. [2022-11-16 20:05:14,412 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 103 [2022-11-16 20:05:14,412 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 20:05:14,412 INFO L195 NwaCegarLoop]: trace histogram [4, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 20:05:14,422 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Ended with exit code 0 [2022-11-16 20:05:14,618 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 6 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable11 [2022-11-16 20:05:14,618 INFO L420 AbstractCegarLoop]: === Iteration 13 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 20:05:14,618 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 20:05:14,619 INFO L85 PathProgramCache]: Analyzing trace with hash 1179670256, now seen corresponding path program 1 times [2022-11-16 20:05:14,619 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-16 20:05:14,619 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [667723981] [2022-11-16 20:05:14,619 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 20:05:14,619 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 20:05:14,648 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 20:05:15,001 INFO L134 CoverageAnalysis]: Checked inductivity of 73 backedges. 32 proven. 15 refuted. 0 times theorem prover too weak. 26 trivial. 0 not checked. [2022-11-16 20:05:15,001 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-16 20:05:15,001 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [667723981] [2022-11-16 20:05:15,001 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [667723981] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-16 20:05:15,001 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [183404170] [2022-11-16 20:05:15,002 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 20:05:15,002 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-16 20:05:15,002 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/bin/utaipan-Xvt2sAort0/z3 [2022-11-16 20:05:15,003 INFO L229 MonitoredProcess]: Starting monitored process 7 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-16 20:05:15,005 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true (7)] Waiting until timeout for monitored process [2022-11-16 20:05:15,120 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 20:05:15,123 INFO L263 TraceCheckSpWp]: Trace formula consists of 529 conjuncts, 25 conjunts are in the unsatisfiable core [2022-11-16 20:05:15,126 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-16 20:05:15,414 INFO L134 CoverageAnalysis]: Checked inductivity of 73 backedges. 52 proven. 0 refuted. 0 times theorem prover too weak. 21 trivial. 0 not checked. [2022-11-16 20:05:15,415 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-11-16 20:05:15,415 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [183404170] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 20:05:15,415 INFO L184 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2022-11-16 20:05:15,415 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [9] total 16 [2022-11-16 20:05:15,415 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [199671575] [2022-11-16 20:05:15,415 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 20:05:15,416 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2022-11-16 20:05:15,416 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-16 20:05:15,416 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2022-11-16 20:05:15,417 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=59, Invalid=181, Unknown=0, NotChecked=0, Total=240 [2022-11-16 20:05:15,417 INFO L87 Difference]: Start difference. First operand 1491 states and 1678 transitions. Second operand has 9 states, 9 states have (on average 6.666666666666667) internal successors, (60), 8 states have internal predecessors, (60), 5 states have call successors, (14), 5 states have call predecessors, (14), 4 states have return successors, (14), 4 states have call predecessors, (14), 5 states have call successors, (14) [2022-11-16 20:05:16,110 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 20:05:16,110 INFO L93 Difference]: Finished difference Result 2265 states and 2586 transitions. [2022-11-16 20:05:16,111 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 13 states. [2022-11-16 20:05:16,111 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 9 states have (on average 6.666666666666667) internal successors, (60), 8 states have internal predecessors, (60), 5 states have call successors, (14), 5 states have call predecessors, (14), 4 states have return successors, (14), 4 states have call predecessors, (14), 5 states have call successors, (14) Word has length 102 [2022-11-16 20:05:16,111 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 20:05:16,116 INFO L225 Difference]: With dead ends: 2265 [2022-11-16 20:05:16,117 INFO L226 Difference]: Without dead ends: 1066 [2022-11-16 20:05:16,120 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 115 GetRequests, 96 SyntacticMatches, 0 SemanticMatches, 19 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 68 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=109, Invalid=311, Unknown=0, NotChecked=0, Total=420 [2022-11-16 20:05:16,120 INFO L413 NwaCegarLoop]: 44 mSDtfsCounter, 223 mSDsluCounter, 102 mSDsCounter, 0 mSdLazyCounter, 356 mSolverCounterSat, 100 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 233 SdHoareTripleChecker+Valid, 146 SdHoareTripleChecker+Invalid, 456 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 100 IncrementalHoareTripleChecker+Valid, 356 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-11-16 20:05:16,121 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [233 Valid, 146 Invalid, 456 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [100 Valid, 356 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2022-11-16 20:05:16,122 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1066 states. [2022-11-16 20:05:16,278 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1066 to 542. [2022-11-16 20:05:16,279 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 542 states, 358 states have (on average 1.0977653631284916) internal successors, (393), 382 states have internal predecessors, (393), 91 states have call successors, (91), 88 states have call predecessors, (91), 92 states have return successors, (107), 88 states have call predecessors, (107), 91 states have call successors, (107) [2022-11-16 20:05:16,281 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 542 states to 542 states and 591 transitions. [2022-11-16 20:05:16,282 INFO L78 Accepts]: Start accepts. Automaton has 542 states and 591 transitions. Word has length 102 [2022-11-16 20:05:16,282 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 20:05:16,282 INFO L495 AbstractCegarLoop]: Abstraction has 542 states and 591 transitions. [2022-11-16 20:05:16,282 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 9 states have (on average 6.666666666666667) internal successors, (60), 8 states have internal predecessors, (60), 5 states have call successors, (14), 5 states have call predecessors, (14), 4 states have return successors, (14), 4 states have call predecessors, (14), 5 states have call successors, (14) [2022-11-16 20:05:16,282 INFO L276 IsEmpty]: Start isEmpty. Operand 542 states and 591 transitions. [2022-11-16 20:05:16,290 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 106 [2022-11-16 20:05:16,291 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 20:05:16,291 INFO L195 NwaCegarLoop]: trace histogram [4, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 20:05:16,296 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true (7)] Forceful destruction successful, exit code 0 [2022-11-16 20:05:16,492 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable12,7 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-16 20:05:16,493 INFO L420 AbstractCegarLoop]: === Iteration 14 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 20:05:16,493 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 20:05:16,493 INFO L85 PathProgramCache]: Analyzing trace with hash 358408337, now seen corresponding path program 2 times [2022-11-16 20:05:16,493 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-16 20:05:16,494 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1012201835] [2022-11-16 20:05:16,494 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 20:05:16,494 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 20:05:16,512 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 20:05:16,749 INFO L134 CoverageAnalysis]: Checked inductivity of 76 backedges. 15 proven. 0 refuted. 0 times theorem prover too weak. 61 trivial. 0 not checked. [2022-11-16 20:05:16,749 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-16 20:05:16,749 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1012201835] [2022-11-16 20:05:16,749 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1012201835] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 20:05:16,750 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-16 20:05:16,750 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-11-16 20:05:16,750 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1887685046] [2022-11-16 20:05:16,750 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 20:05:16,751 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-11-16 20:05:16,751 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-16 20:05:16,751 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-11-16 20:05:16,751 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=8, Invalid=12, Unknown=0, NotChecked=0, Total=20 [2022-11-16 20:05:16,752 INFO L87 Difference]: Start difference. First operand 542 states and 591 transitions. Second operand has 5 states, 5 states have (on average 8.8) internal successors, (44), 5 states have internal predecessors, (44), 2 states have call successors, (10), 1 states have call predecessors, (10), 2 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2022-11-16 20:05:17,005 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 20:05:17,006 INFO L93 Difference]: Finished difference Result 946 states and 1041 transitions. [2022-11-16 20:05:17,006 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-11-16 20:05:17,006 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.8) internal successors, (44), 5 states have internal predecessors, (44), 2 states have call successors, (10), 1 states have call predecessors, (10), 2 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 105 [2022-11-16 20:05:17,007 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 20:05:17,007 INFO L225 Difference]: With dead ends: 946 [2022-11-16 20:05:17,007 INFO L226 Difference]: Without dead ends: 0 [2022-11-16 20:05:17,008 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=13, Invalid=17, Unknown=0, NotChecked=0, Total=30 [2022-11-16 20:05:17,009 INFO L413 NwaCegarLoop]: 70 mSDtfsCounter, 42 mSDsluCounter, 166 mSDsCounter, 0 mSdLazyCounter, 69 mSolverCounterSat, 10 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 42 SdHoareTripleChecker+Valid, 236 SdHoareTripleChecker+Invalid, 79 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 10 IncrementalHoareTripleChecker+Valid, 69 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-16 20:05:17,009 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [42 Valid, 236 Invalid, 79 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [10 Valid, 69 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-16 20:05:17,010 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-11-16 20:05:17,010 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-11-16 20:05:17,010 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-16 20:05:17,010 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-11-16 20:05:17,011 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 105 [2022-11-16 20:05:17,011 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 20:05:17,011 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-11-16 20:05:17,011 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.8) internal successors, (44), 5 states have internal predecessors, (44), 2 states have call successors, (10), 1 states have call predecessors, (10), 2 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2022-11-16 20:05:17,011 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-11-16 20:05:17,011 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-11-16 20:05:17,013 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-11-16 20:05:17,014 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable13 [2022-11-16 20:05:17,015 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-11-16 20:05:45,070 WARN L233 SmtUtils]: Spent 5.10s on a formula simplification. DAG size of input: 639 DAG size of output: 30 (called from [L 149] de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.HoareAnnotationComposer.combineInter) [2022-11-16 20:06:13,638 INFO L895 garLoopResultBuilder]: At program point deactivatePumpENTRY(lines 296 303) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (< ~waterLevel~0 2))) (.cse2 (not (= |old(~pumpRunning~0)| 1))) (.cse3 (= ~pumpRunning~0 1))) (and (or .cse0 .cse1 .cse2 (not (= ~methaneLevelCritical~0 1)) .cse3) (or .cse0 .cse1 (not (= ~methaneLevelCritical~0 0)) .cse2 .cse3))) [2022-11-16 20:06:13,639 INFO L899 garLoopResultBuilder]: For program point deactivatePumpEXIT(lines 296 303) no Hoare annotation was computed. [2022-11-16 20:06:13,639 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 203 209) no Hoare annotation was computed. [2022-11-16 20:06:13,639 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 203 209) the Hoare annotation is: true [2022-11-16 20:06:13,639 INFO L895 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 426 437) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (= |old(~methaneLevelCritical~0)| ~methaneLevelCritical~0)) (.cse2 (and (not (= |old(~methaneLevelCritical~0)| ~systemActive~0)) (not (= |old(~methaneLevelCritical~0)| 0)))) (.cse3 (not (< ~waterLevel~0 3)))) (and (or .cse0 .cse1 .cse2 (not (= ~pumpRunning~0 1)) .cse3) (or (not (= ~pumpRunning~0 0)) .cse0 .cse1 .cse2 .cse3))) [2022-11-16 20:06:13,639 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 426 437) no Hoare annotation was computed. [2022-11-16 20:06:13,640 INFO L902 garLoopResultBuilder]: At program point isMethaneLevelCriticalENTRY(lines 438 446) the Hoare annotation is: true [2022-11-16 20:06:13,640 INFO L899 garLoopResultBuilder]: For program point isMethaneLevelCriticalEXIT(lines 438 446) no Hoare annotation was computed. [2022-11-16 20:06:13,640 INFO L902 garLoopResultBuilder]: At program point L929(lines 904 933) the Hoare annotation is: true [2022-11-16 20:06:13,640 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 904 933) no Hoare annotation was computed. [2022-11-16 20:06:13,640 INFO L899 garLoopResultBuilder]: For program point L925(line 925) no Hoare annotation was computed. [2022-11-16 20:06:13,640 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 904 933) the Hoare annotation is: true [2022-11-16 20:06:13,640 INFO L899 garLoopResultBuilder]: For program point L918(lines 918 922) no Hoare annotation was computed. [2022-11-16 20:06:13,641 INFO L902 garLoopResultBuilder]: At program point L918-1(lines 918 922) the Hoare annotation is: true [2022-11-16 20:06:13,641 INFO L902 garLoopResultBuilder]: At program point L914-2(lines 914 928) the Hoare annotation is: true [2022-11-16 20:06:13,641 INFO L902 garLoopResultBuilder]: At program point L910(line 910) the Hoare annotation is: true [2022-11-16 20:06:13,641 INFO L899 garLoopResultBuilder]: For program point L910-1(line 910) no Hoare annotation was computed. [2022-11-16 20:06:13,642 INFO L895 garLoopResultBuilder]: At program point L510(line 510) the Hoare annotation is: (let ((.cse12 (< ~waterLevel~0 2)) (.cse13 (= |timeShift_processEnvironment_~tmp~3#1| 0)) (.cse5 (= ~pumpRunning~0 1)) (.cse11 (= ~pumpRunning~0 0)) (.cse16 (<= ~waterLevel~0 |old(~waterLevel~0)|)) (.cse8 (not (= ~methaneLevelCritical~0 0))) (.cse15 (not (= ~methaneLevelCritical~0 ~systemActive~0)))) (let ((.cse4 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse6 (not (= 1 ~systemActive~0))) (.cse2 (not (= |old(~waterLevel~0)| 2))) (.cse7 (not (< |old(~waterLevel~0)| 2))) (.cse9 (not (= |old(~pumpRunning~0)| 1))) (.cse1 (not (= ~methaneLevelCritical~0 1))) (.cse3 (and .cse8 .cse15)) (.cse10 (or (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) (and (not (< 0 ~waterLevel~0)) .cse16) (and .cse11 .cse16))) (.cse14 (and .cse16 .cse12 .cse13 .cse5))) (and (or .cse0 .cse1 .cse2 .cse3 (and .cse4 .cse5)) (or (and (or .cse6 .cse7 .cse8 .cse9) (or .cse6 .cse8 .cse9 .cse2)) (and .cse10 .cse11 .cse12 .cse13) .cse14) (or (not (<= |old(~waterLevel~0)| 1)) .cse0 (and .cse11 .cse4) .cse15 .cse1) (or (and (= 2 ~waterLevel~0) .cse4 .cse5) (and .cse11 (<= ~waterLevel~0 1) .cse4) .cse0 .cse6 .cse8 (not (< |old(~waterLevel~0)| 3))) (or (and (or .cse9 .cse1 .cse2 .cse3) (or .cse7 .cse9 .cse1 .cse3)) (and .cse10 .cse11 .cse12) .cse14)))) [2022-11-16 20:06:13,642 INFO L899 garLoopResultBuilder]: For program point L510-1(line 510) no Hoare annotation was computed. [2022-11-16 20:06:13,642 INFO L899 garLoopResultBuilder]: For program point L271(lines 271 279) no Hoare annotation was computed. [2022-11-16 20:06:13,642 INFO L899 garLoopResultBuilder]: For program point L267(lines 267 284) no Hoare annotation was computed. [2022-11-16 20:06:13,642 INFO L895 garLoopResultBuilder]: At program point L309(line 309) the Hoare annotation is: (let ((.cse7 (not (= ~methaneLevelCritical~0 0)))) (let ((.cse0 (not (= |old(~pumpRunning~0)| 1))) (.cse5 (and (let ((.cse9 (< 0 |old(~waterLevel~0)|))) (or (and (not .cse9) (= |old(~waterLevel~0)| ~waterLevel~0)) (and (= |old(~waterLevel~0)| (+ ~waterLevel~0 1)) .cse9))) (= ~pumpRunning~0 1))) (.cse4 (not (< |old(~waterLevel~0)| 2))) (.cse8 (not (= |old(~pumpRunning~0)| 0))) (.cse6 (not (= 1 ~systemActive~0))) (.cse2 (not (= |old(~waterLevel~0)| 2))) (.cse3 (and .cse7 (not (= ~methaneLevelCritical~0 ~systemActive~0))))) (and (or (let ((.cse1 (not (= ~methaneLevelCritical~0 1)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse4 .cse0 .cse1 .cse3))) .cse5) (or (and (or .cse6 .cse4 .cse7 .cse0) (or .cse6 .cse7 .cse0 .cse2)) .cse5) (or .cse8 .cse6 .cse4 .cse3) (or .cse8 .cse6 .cse2 .cse3)))) [2022-11-16 20:06:13,643 INFO L895 garLoopResultBuilder]: At program point L309-1(line 309) the Hoare annotation is: (let ((.cse9 (not (= ~methaneLevelCritical~0 0)))) (let ((.cse4 (not (< |old(~waterLevel~0)| 2))) (.cse0 (not (= |old(~pumpRunning~0)| 1))) (.cse5 (let ((.cse10 (< 0 |old(~waterLevel~0)|))) (or (and (not .cse10) (= |old(~waterLevel~0)| ~waterLevel~0)) (and (= |old(~waterLevel~0)| (+ ~waterLevel~0 1)) .cse10)))) (.cse6 (= ~pumpRunning~0 1)) (.cse7 (not (= |old(~pumpRunning~0)| 0))) (.cse8 (not (= 1 ~systemActive~0))) (.cse2 (not (= |old(~waterLevel~0)| 2))) (.cse3 (and .cse9 (not (= ~methaneLevelCritical~0 ~systemActive~0))))) (and (or (let ((.cse1 (not (= ~methaneLevelCritical~0 1)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse4 .cse0 .cse1 .cse3))) (and .cse5 .cse6)) (or .cse7 .cse8 .cse4 .cse3) (or (and (or .cse8 .cse4 .cse9 .cse0) (or .cse8 .cse9 .cse0 .cse2)) (and (= |timeShift_isMethaneAlarm_#t~ret12#1| 0) .cse5 .cse6)) (or .cse7 .cse8 .cse2 .cse3)))) [2022-11-16 20:06:13,643 INFO L895 garLoopResultBuilder]: At program point L512(lines 512 532) the Hoare annotation is: (let ((.cse11 (< ~waterLevel~0 2)) (.cse4 (= ~methaneLevelCritical~0 |timeShift___utac_acc__Specification3_spec__1_~tmp~6#1|)) (.cse17 (= |timeShift_processEnvironment_~tmp~3#1| 0)) (.cse9 (= ~pumpRunning~0 1)) (.cse2 (= ~pumpRunning~0 0)) (.cse18 (<= ~waterLevel~0 |old(~waterLevel~0)|)) (.cse5 (not (= ~methaneLevelCritical~0 0)))) (let ((.cse6 (<= 2 ~waterLevel~0)) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse3 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse13 (not (= ~methaneLevelCritical~0 1))) (.cse14 (and .cse5 (not (= ~methaneLevelCritical~0 ~systemActive~0)))) (.cse7 (not (< |old(~waterLevel~0)| 3))) (.cse15 (not (< |old(~waterLevel~0)| 2))) (.cse1 (not (= 1 ~systemActive~0))) (.cse12 (not (= |old(~pumpRunning~0)| 1))) (.cse8 (not (= |old(~waterLevel~0)| 2))) (.cse10 (or (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) (and (not (< 0 ~waterLevel~0)) .cse18) (and .cse2 .cse18))) (.cse16 (and .cse18 .cse11 .cse4 .cse17 .cse9))) (and (or .cse0 .cse1 (and .cse2 .cse3 .cse4) .cse5 (and .cse6 .cse3) .cse7) (or .cse0 .cse1 .cse5 .cse8 (and .cse4 .cse9)) (or (and .cse10 .cse2 .cse11 .cse4) (and (or .cse12 .cse13 .cse8 .cse14) (or .cse15 .cse12 .cse13 .cse14)) .cse16) (or (and .cse6 .cse3 .cse4 .cse9) .cse0 (and .cse2 (<= ~waterLevel~0 1) .cse3 .cse4) .cse13 .cse14 .cse7) (or (and (or .cse1 .cse15 .cse5 .cse12) (or .cse1 .cse5 .cse12 .cse8)) (and .cse10 .cse2 .cse11 .cse4 .cse17) .cse16)))) [2022-11-16 20:06:13,643 INFO L899 garLoopResultBuilder]: For program point L190-1(lines 190 196) no Hoare annotation was computed. [2022-11-16 20:06:13,644 INFO L895 garLoopResultBuilder]: At program point L54(line 54) the Hoare annotation is: (let ((.cse1 (not (< |old(~waterLevel~0)| 2))) (.cse4 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (not (= 1 ~systemActive~0))) (.cse2 (not (= |old(~pumpRunning~0)| 1))) (.cse5 (not (= |old(~waterLevel~0)| 2))) (.cse3 (and (not (= ~methaneLevelCritical~0 0)) (not (= ~methaneLevelCritical~0 ~systemActive~0))))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse4 .cse0 .cse1 .cse3) (or .cse4 .cse0 .cse5 .cse3) (or .cse0 .cse2 .cse5 .cse3))) [2022-11-16 20:06:13,644 INFO L895 garLoopResultBuilder]: At program point L277(line 277) the Hoare annotation is: (let ((.cse3 (not (= ~methaneLevelCritical~0 0)))) (let ((.cse0 (and (let ((.cse9 (< 0 |old(~waterLevel~0)|))) (or (and (not .cse9) (= |old(~waterLevel~0)| ~waterLevel~0)) (and (= |old(~waterLevel~0)| (+ ~waterLevel~0 1)) .cse9))) (= |timeShift_processEnvironment_~tmp~3#1| 0) (= ~pumpRunning~0 1))) (.cse4 (not (= |old(~pumpRunning~0)| 1))) (.cse2 (not (< |old(~waterLevel~0)| 2))) (.cse8 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse5 (not (= |old(~waterLevel~0)| 2))) (.cse7 (and .cse3 (not (= ~methaneLevelCritical~0 ~systemActive~0))))) (and (or .cse0 (and (or .cse1 .cse2 .cse3 .cse4) (or .cse1 .cse3 .cse4 .cse5))) (or .cse0 (let ((.cse6 (not (= ~methaneLevelCritical~0 1)))) (and (or .cse4 .cse6 .cse5 .cse7) (or .cse2 .cse4 .cse6 .cse7)))) (or .cse8 .cse1 .cse2 .cse7) (or .cse8 .cse1 .cse5 .cse7)))) [2022-11-16 20:06:13,644 INFO L895 garLoopResultBuilder]: At program point L273(line 273) the Hoare annotation is: (let ((.cse8 (not (= ~methaneLevelCritical~0 0)))) (let ((.cse4 (not (< |old(~waterLevel~0)| 2))) (.cse6 (not (= |old(~pumpRunning~0)| 0))) (.cse3 (and .cse8 (not (= ~methaneLevelCritical~0 ~systemActive~0)))) (.cse7 (not (= 1 ~systemActive~0))) (.cse0 (not (= |old(~pumpRunning~0)| 1))) (.cse2 (not (= |old(~waterLevel~0)| 2)))) (and (or (let ((.cse1 (not (= ~methaneLevelCritical~0 1)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse4 .cse0 .cse1 .cse3))) (and (let ((.cse5 (< 0 |old(~waterLevel~0)|))) (or (and (not .cse5) (= |old(~waterLevel~0)| ~waterLevel~0)) (and (= |old(~waterLevel~0)| (+ ~waterLevel~0 1)) .cse5))) (= ~pumpRunning~0 1))) (or .cse6 .cse7 .cse4 .cse3) (or .cse7 .cse4 .cse8 .cse0) (or .cse6 .cse7 .cse2 .cse3) (or .cse7 .cse8 .cse0 .cse2)))) [2022-11-16 20:06:13,644 INFO L895 garLoopResultBuilder]: At program point L282(line 282) the Hoare annotation is: (let ((.cse1 (not (= |old(~pumpRunning~0)| 1))) (.cse0 (not (= 1 ~systemActive~0))) (.cse2 (and (not (= ~methaneLevelCritical~0 0)) (not (= ~methaneLevelCritical~0 ~systemActive~0))))) (and (or .cse0 (not (< |old(~waterLevel~0)| 2)) .cse1 .cse2) (or .cse0 .cse1 (not (= |old(~waterLevel~0)| 2)) .cse2) (or (not (= |old(~pumpRunning~0)| 0)) (and (= ~pumpRunning~0 0) (= |old(~waterLevel~0)| ~waterLevel~0)) .cse0 .cse2 (not (< |old(~waterLevel~0)| 3))))) [2022-11-16 20:06:13,645 INFO L895 garLoopResultBuilder]: At program point L282-1(lines 263 287) the Hoare annotation is: (let ((.cse12 (< ~waterLevel~0 2)) (.cse13 (= |timeShift_processEnvironment_~tmp~3#1| 0)) (.cse5 (= ~pumpRunning~0 1)) (.cse11 (= ~pumpRunning~0 0)) (.cse16 (<= ~waterLevel~0 |old(~waterLevel~0)|)) (.cse8 (not (= ~methaneLevelCritical~0 0))) (.cse15 (not (= ~methaneLevelCritical~0 ~systemActive~0)))) (let ((.cse4 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse6 (not (= 1 ~systemActive~0))) (.cse2 (not (= |old(~waterLevel~0)| 2))) (.cse7 (not (< |old(~waterLevel~0)| 2))) (.cse9 (not (= |old(~pumpRunning~0)| 1))) (.cse1 (not (= ~methaneLevelCritical~0 1))) (.cse3 (and .cse8 .cse15)) (.cse10 (or (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) (and (not (< 0 ~waterLevel~0)) .cse16) (and .cse11 .cse16))) (.cse14 (and .cse16 .cse12 .cse13 .cse5))) (and (or .cse0 .cse1 .cse2 .cse3 (and .cse4 .cse5)) (or (and (or .cse6 .cse7 .cse8 .cse9) (or .cse6 .cse8 .cse9 .cse2)) (and .cse10 .cse11 .cse12 .cse13) .cse14) (or (not (<= |old(~waterLevel~0)| 1)) .cse0 (and .cse11 .cse4) .cse15 .cse1) (or (and (= 2 ~waterLevel~0) .cse4 .cse5) (and .cse11 (<= ~waterLevel~0 1) .cse4) .cse0 .cse6 .cse8 (not (< |old(~waterLevel~0)| 3))) (or (and (or .cse9 .cse1 .cse2 .cse3) (or .cse7 .cse9 .cse1 .cse3)) (and .cse10 .cse11 .cse12) .cse14)))) [2022-11-16 20:06:13,645 INFO L899 garLoopResultBuilder]: For program point L183-1(lines 182 201) no Hoare annotation was computed. [2022-11-16 20:06:13,645 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 179 202) the Hoare annotation is: (let ((.cse4 (not (= ~methaneLevelCritical~0 0))) (.cse10 (not (= ~methaneLevelCritical~0 ~systemActive~0))) (.cse11 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse3 (not (< |old(~waterLevel~0)| 2))) (.cse5 (not (= |old(~pumpRunning~0)| 1))) (.cse7 (and .cse11 (= ~pumpRunning~0 1))) (.cse2 (not (= 1 ~systemActive~0))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (and (= ~pumpRunning~0 0) .cse11)) (.cse8 (not (= ~methaneLevelCritical~0 1))) (.cse6 (not (= |old(~waterLevel~0)| 2))) (.cse9 (and .cse4 .cse10))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or (and (or .cse2 .cse3 .cse4 .cse5) (or .cse2 .cse4 .cse5 .cse6)) .cse7) (or (and (or .cse5 .cse8 .cse6 .cse9) (or .cse3 .cse5 .cse8 .cse9)) .cse7) (or .cse0 .cse1 .cse2 .cse4 .cse6) (or (not (<= |old(~waterLevel~0)| 1)) .cse0 .cse1 .cse10 .cse8) (or .cse0 .cse1 .cse8 .cse6 .cse9)))) [2022-11-16 20:06:13,646 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 179 202) no Hoare annotation was computed. [2022-11-16 20:06:13,646 INFO L899 garLoopResultBuilder]: For program point L522(lines 522 528) no Hoare annotation was computed. [2022-11-16 20:06:13,646 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 54) no Hoare annotation was computed. [2022-11-16 20:06:13,646 INFO L895 garLoopResultBuilder]: At program point L518(lines 518 531) the Hoare annotation is: (let ((.cse4 (= ~methaneLevelCritical~0 0))) (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse5 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse11 (= ~pumpRunning~0 1)) (.cse3 (= ~pumpRunning~0 0)) (.cse6 (<= |timeShift___utac_acc__Specification3_spec__1_~tmp___0~3#1| 1)) (.cse7 (= ~methaneLevelCritical~0 |timeShift___utac_acc__Specification3_spec__1_~tmp~6#1|)) (.cse1 (not (= 1 ~systemActive~0))) (.cse10 (not (= |old(~waterLevel~0)| 2))) (.cse2 (not (< |old(~waterLevel~0)| 2))) (.cse12 (not (= |old(~pumpRunning~0)| 1))) (.cse9 (not (= ~methaneLevelCritical~0 1))) (.cse8 (and (not .cse4) (not (= ~methaneLevelCritical~0 ~systemActive~0))))) (and (or .cse0 .cse1 .cse2 (and .cse3 .cse4 .cse5 .cse6 .cse7) .cse8) (or .cse0 .cse9 .cse10 .cse8) (or .cse0 .cse1 .cse10 .cse8 (and .cse5 .cse7 .cse11)) (or .cse12 .cse9 .cse10 .cse8) (let ((.cse13 (<= ~waterLevel~0 |old(~waterLevel~0)|)) (.cse14 (< ~waterLevel~0 2)) (.cse15 (= |timeShift_processEnvironment_~tmp~3#1| 0))) (or (and .cse13 .cse14 .cse6 .cse7 .cse15 .cse11) (and .cse3 .cse13 .cse14 .cse6 .cse7 .cse15) (and (or .cse1 .cse2 .cse12 .cse8) (or .cse1 .cse12 .cse10 .cse8)))) (or .cse2 .cse12 .cse9 .cse8)))) [2022-11-16 20:06:13,647 INFO L895 garLoopResultBuilder]: At program point L518-1(lines 503 535) the Hoare annotation is: (let ((.cse18 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse3 (= ~methaneLevelCritical~0 |timeShift___utac_acc__Specification3_spec__1_~tmp~6#1|)) (.cse5 (= ~pumpRunning~0 1)) (.cse8 (not (= ~methaneLevelCritical~0 0))) (.cse13 (= 1 ~systemActive~0)) (.cse12 (= ~pumpRunning~0 0)) (.cse0 (<= ~waterLevel~0 |old(~waterLevel~0)|))) (let ((.cse9 (not (= |old(~pumpRunning~0)| 1))) (.cse4 (= |timeShift_processEnvironment_~tmp~3#1| 0)) (.cse11 (or (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) (and (not (< 0 ~waterLevel~0)) .cse0) (and .cse12 .cse0))) (.cse1 (< ~waterLevel~0 2)) (.cse6 (not .cse13)) (.cse7 (not (< |old(~waterLevel~0)| 2))) (.cse2 (<= |timeShift___utac_acc__Specification3_spec__1_~tmp___0~3#1| 1)) (.cse14 (not (= |old(~pumpRunning~0)| 0))) (.cse16 (not (= ~methaneLevelCritical~0 1))) (.cse10 (not (= |old(~waterLevel~0)| 2))) (.cse17 (and .cse8 (not (= ~methaneLevelCritical~0 ~systemActive~0)))) (.cse15 (and .cse18 .cse3 .cse5))) (and (or (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (and (or .cse6 .cse7 .cse8 .cse9) (or .cse6 .cse8 .cse9 .cse10)) (and .cse11 .cse12 .cse13 .cse1 .cse2 .cse3 .cse4)) (or .cse14 .cse6 .cse8 .cse10 .cse15) (or .cse14 .cse7 .cse16 .cse17 (and .cse12 .cse13 .cse18 .cse3)) (or (and (or .cse9 .cse16 .cse10 .cse17) (or .cse7 .cse9 .cse16 .cse17)) (and .cse0 .cse1 .cse3 .cse4 .cse5) (and .cse11 .cse12 .cse13 .cse1 .cse3)) (or .cse14 .cse6 .cse7 .cse8 (and .cse12 .cse13 .cse18 .cse2 .cse3)) (or .cse14 .cse16 .cse10 .cse17 .cse15)))) [2022-11-16 20:06:13,648 INFO L895 garLoopResultBuilder]: At program point L985(lines 985 992) the Hoare annotation is: (let ((.cse2 (select |#memory_int| 11)) (.cse8 (select |#memory_int| 8)) (.cse9 (select |#memory_int| 16)) (.cse4 (select |#memory_int| 9)) (.cse0 (select |#memory_int| 14)) (.cse5 (select |#memory_int| 7)) (.cse1 (select |#memory_int| 6)) (.cse6 (select |#memory_int| 13)) (.cse10 (select |#memory_int| 1)) (.cse11 (select |#memory_int| 15)) (.cse3 (select |#memory_int| 10)) (.cse7 (select |#memory_int| 5))) (and (= (select .cse0 3) 84) (= (select .cse1 2) 102) (= (select .cse2 1) 0) (= 1 (select |#valid| 5)) (= 32 (select .cse3 1)) (= (select |#length| 3) 12) (= (select .cse4 0) 79) (= (select |#valid| 15) 1) (= 112 (select .cse5 4)) (= (select .cse1 0) 79) (= 3 (select |#length| 10)) (= ~pumpRunning~0 0) (= (select |#valid| 26) 1) (= (select .cse5 1) 80) (= 58 (select .cse6 5)) (= (select |#length| 8) 3) (= (select |#length| 6) 4) (= (select |#valid| 9) 1) (= (select |#length| 4) 13) (= 117 (select .cse5 2)) (= (select .cse7 2) 0) (= 7 (select |#length| 7)) (= 7 (select |#length| 13)) (= 110 (select .cse8 1)) (= (select .cse1 1) 102) (= (select |#valid| 11) 1) (= (select |#valid| 27) 1) (= ~methaneLevelCritical~0 0) (= 58 (select .cse5 5)) (= (select .cse8 0) 79) (= 30 (select |#length| 23)) (= 41 (select .cse9 0)) (= 44 (select .cse5 0)) (= (select |#length| 24) 9) (= 31 (select |#length| 2)) (= ~head~0.offset 0) (= 44 (select .cse6 0)) (= (select .cse2 0) 10) (= (select .cse0 4) 0) (= 2 (select |#length| 1)) (= (select |#length| 17) 30) (= 73 (select .cse0 2)) (= 9 (select |#length| 18)) (= (select |#length| 19) 21) (= (select |#valid| 3) 1) (= (select |#valid| 7) 1) (= (select |#length| 22) 21) (= (select |#valid| 18) 1) (= (select |#valid| 22) 1) (= 3 (select |#length| 5)) (= 30 (select |#length| 26)) (= 77 (select .cse6 1)) (= 2 (select |#length| 11)) (= 1 ~systemActive~0) (= (select |#length| 15) 3) (= (select |#valid| 24) 1) (= (select .cse4 3) 0) (= (select |#valid| 12) 1) (= |ULTIMATE.start_main_~tmp~10#1| |ULTIMATE.start_valid_product_#res#1|) (= (select |#valid| 28) 1) (= (select .cse0 1) 82) (= (select |#valid| 4) 1) (= (select .cse4 1) 102) (= (select .cse8 2) 0) (= (select .cse9 1) 0) (= 101 (select .cse6 2)) (= 25 (select |#length| 25)) (= (select |#valid| 1) 1) (= (select .cse5 6) 0) (= (select .cse4 2) 102) (= (select |#valid| 20) 1) (= (select .cse7 0) 79) (= (select |#length| 12) 13) (= 2 (select |#length| 16)) (= (select |#valid| 21) 1) (= (select |#length| 9) 4) (= 104 (select .cse6 4)) (= (select |#length| 21) 9) (= (select |#valid| 14) 1) (= |ULTIMATE.start_valid_product_~retValue_acc~1#1| |ULTIMATE.start_valid_product_#res#1|) (= 116 (select .cse6 3)) (= 5 (select |#length| 14)) (= (select |#valid| 0) 0) (= 30 (select |#length| 20)) (= (select |#valid| 25) 1) (= ~head~0.base 0) (= (select |#valid| 2) 1) (= |#NULL.offset| 0) (= (select .cse0 0) 67) (= ~waterLevel~0 1) (= |ULTIMATE.start_valid_product_~retValue_acc~1#1| 1) (= (select .cse3 2) 0) (= (select |#length| 27) 9) (= (select .cse10 0) 48) (= (select |#valid| 23) 1) (= (select |#valid| 19) 1) (= (select .cse11 1) 75) (= 109 (select .cse5 3)) (= (select .cse1 3) 0) (= 0 (select .cse6 6)) (= (select |#valid| 16) 1) (= (select .cse11 2) 0) (= (select |#valid| 6) 1) (= (select .cse10 1) 0) (= (select .cse11 0) 79) (= (select .cse3 0) 41) (= (select |#valid| 17) 1) (= (select |#valid| 10) 1) (= (select .cse7 1) 110) (= (select |#valid| 8) 1) (= (select |#length| 28) 25) (= (select |#valid| 13) 1) (< 0 |#StackHeapBarrier|) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))) [2022-11-16 20:06:13,648 INFO L902 garLoopResultBuilder]: At program point L985-2(lines 985 992) the Hoare annotation is: true [2022-11-16 20:06:13,648 INFO L895 garLoopResultBuilder]: At program point L147-2(lines 141 152) the Hoare annotation is: (let ((.cse3 (= ~pumpRunning~0 0)) (.cse0 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse2 (or (= ~methaneLevelCritical~0 ~systemActive~0) (= ~methaneLevelCritical~0 0)))) (or (and .cse0 .cse1 .cse2 (< ~waterLevel~0 3) (= ~pumpRunning~0 1)) (and .cse3 (<= ~waterLevel~0 1) .cse0 .cse1 .cse2) (and .cse3 (= 2 ~waterLevel~0) .cse0 .cse1 .cse2))) [2022-11-16 20:06:13,649 INFO L899 garLoopResultBuilder]: For program point L131(lines 131 137) no Hoare annotation was computed. [2022-11-16 20:06:13,649 INFO L899 garLoopResultBuilder]: For program point L131-1(lines 131 137) no Hoare annotation was computed. [2022-11-16 20:06:13,649 INFO L902 garLoopResultBuilder]: At program point L160(lines 101 164) the Hoare annotation is: true [2022-11-16 20:06:13,649 INFO L902 garLoopResultBuilder]: At program point ULTIMATE.startENTRY(line -1) the Hoare annotation is: true [2022-11-16 20:06:13,649 INFO L895 garLoopResultBuilder]: At program point L123(line 123) the Hoare annotation is: (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse2 (or (= ~methaneLevelCritical~0 ~systemActive~0) (= ~methaneLevelCritical~0 0))) (.cse3 (< ~waterLevel~0 3))) (or (and (= ~pumpRunning~0 0) .cse0 .cse1 .cse2 .cse3) (and .cse0 .cse1 .cse2 .cse3 (= ~pumpRunning~0 1)))) [2022-11-16 20:06:13,649 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-11-16 20:06:13,649 INFO L895 garLoopResultBuilder]: At program point L157(lines 110 158) the Hoare annotation is: false [2022-11-16 20:06:13,650 INFO L899 garLoopResultBuilder]: For program point L112(lines 111 156) no Hoare annotation was computed. [2022-11-16 20:06:13,650 INFO L895 garLoopResultBuilder]: At program point L133(line 133) the Hoare annotation is: (let ((.cse3 (= ~pumpRunning~0 1)) (.cse4 (= ~pumpRunning~0 0)) (.cse5 (= 2 ~waterLevel~0)) (.cse0 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse2 (or (= ~methaneLevelCritical~0 ~systemActive~0) (= ~methaneLevelCritical~0 0)))) (or (and .cse0 .cse1 (< ~waterLevel~0 2) .cse2 .cse3) (and .cse4 (<= ~waterLevel~0 1) .cse0 .cse1 .cse2) (and .cse5 .cse0 .cse1 .cse2 .cse3) (and .cse4 .cse5 .cse0 .cse1 .cse2))) [2022-11-16 20:06:13,650 INFO L895 garLoopResultBuilder]: At program point L154(lines 111 156) the Hoare annotation is: (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse2 (or (= ~methaneLevelCritical~0 ~systemActive~0) (= ~methaneLevelCritical~0 0))) (.cse3 (= ~pumpRunning~0 1))) (or (and .cse0 .cse1 (< ~waterLevel~0 2) .cse2 .cse3) (and (= ~pumpRunning~0 0) (<= ~waterLevel~0 1) .cse0 .cse1 .cse2) (and (= 2 ~waterLevel~0) .cse0 .cse1 .cse2 .cse3))) [2022-11-16 20:06:13,650 INFO L899 garLoopResultBuilder]: For program point L121(lines 121 127) no Hoare annotation was computed. [2022-11-16 20:06:13,650 INFO L899 garLoopResultBuilder]: For program point L121-1(lines 121 127) no Hoare annotation was computed. [2022-11-16 20:06:13,651 INFO L895 garLoopResultBuilder]: At program point L225(line 225) the Hoare annotation is: (let ((.cse5 (not (= ~methaneLevelCritical~0 0))) (.cse3 (not (= ~methaneLevelCritical~0 ~systemActive~0)))) (let ((.cse2 (and .cse5 .cse3)) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse4 (and (= ~pumpRunning~0 0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~1#1| 0)))) (and (or .cse0 .cse1 (not (= 2 ~waterLevel~0)) .cse2) (or .cse0 .cse3 .cse4 (not (= ~methaneLevelCritical~0 1)) (not (< ~waterLevel~0 3))) (or .cse1 (not (< ~waterLevel~0 2)) (not (= |old(~pumpRunning~0)| 1)) .cse2) (or .cse0 .cse1 .cse5 .cse4 (not (<= ~waterLevel~0 1)))))) [2022-11-16 20:06:13,651 INFO L895 garLoopResultBuilder]: At program point processEnvironment__wrappee__highWaterSensorENTRY(lines 211 235) the Hoare annotation is: (let ((.cse8 (not (= ~methaneLevelCritical~0 0)))) (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse6 (not (= ~methaneLevelCritical~0 1))) (.cse3 (and .cse8 (not (= ~methaneLevelCritical~0 ~systemActive~0)))) (.cse2 (not (= 1 ~systemActive~0))) (.cse4 (not (< ~waterLevel~0 2))) (.cse5 (not (= |old(~pumpRunning~0)| 1))) (.cse7 (= ~pumpRunning~0 1))) (and (or .cse0 .cse1 .cse2 (not (= 2 ~waterLevel~0)) .cse3) (or .cse4 .cse5 .cse6 .cse3 .cse7) (or .cse0 .cse1 .cse2 .cse8 (not (<= ~waterLevel~0 1))) (or .cse0 .cse1 .cse4 .cse6 .cse3) (or .cse2 .cse4 .cse8 .cse5 .cse7)))) [2022-11-16 20:06:13,651 INFO L895 garLoopResultBuilder]: At program point L219(lines 219 227) the Hoare annotation is: (let ((.cse5 (not (= |old(~pumpRunning~0)| 0))) (.cse10 (= ~pumpRunning~0 0)) (.cse11 (< 0 ~waterLevel~0))) (let ((.cse3 (not (= ~methaneLevelCritical~0 1))) (.cse0 (not (= 2 ~waterLevel~0))) (.cse1 (and (or .cse10 (not .cse11)) (= |processEnvironment__wrappee__highWaterSensor_~tmp~1#1| 1))) (.cse4 (and .cse5 .cse11)) (.cse2 (not (= ~methaneLevelCritical~0 ~systemActive~0))) (.cse8 (not (= 1 ~systemActive~0))) (.cse9 (not (= ~methaneLevelCritical~0 0))) (.cse6 (and .cse10 (= |processEnvironment__wrappee__highWaterSensor_~tmp~1#1| 0))) (.cse7 (not (<= ~waterLevel~0 1)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse5 .cse2 .cse6 .cse3 .cse7) (or .cse8 .cse0 .cse1 .cse9 .cse4) (or .cse8 (not (< ~waterLevel~0 2)) (not (= |old(~pumpRunning~0)| 1)) (and .cse9 .cse2)) (or .cse5 .cse8 .cse9 .cse6 .cse7)))) [2022-11-16 20:06:13,652 INFO L895 garLoopResultBuilder]: At program point L215(lines 215 232) the Hoare annotation is: (let ((.cse8 (not (= ~methaneLevelCritical~0 0)))) (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse6 (not (= ~methaneLevelCritical~0 1))) (.cse3 (and .cse8 (not (= ~methaneLevelCritical~0 ~systemActive~0)))) (.cse2 (not (= 1 ~systemActive~0))) (.cse4 (not (< ~waterLevel~0 2))) (.cse5 (not (= |old(~pumpRunning~0)| 1))) (.cse7 (= ~pumpRunning~0 1))) (and (or .cse0 .cse1 .cse2 (not (= 2 ~waterLevel~0)) .cse3) (or .cse4 .cse5 .cse6 .cse3 .cse7) (or .cse0 .cse1 .cse2 .cse8 (not (<= ~waterLevel~0 1))) (or .cse0 .cse1 .cse4 .cse6 .cse3) (or .cse2 .cse4 .cse8 .cse5 .cse7)))) [2022-11-16 20:06:13,652 INFO L895 garLoopResultBuilder]: At program point L230(line 230) the Hoare annotation is: (let ((.cse6 (not (= ~methaneLevelCritical~0 0)))) (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (and .cse6 (not (= ~methaneLevelCritical~0 ~systemActive~0)))) (.cse1 (not (= 1 ~systemActive~0))) (.cse3 (not (< ~waterLevel~0 2))) (.cse4 (not (= |old(~pumpRunning~0)| 1))) (.cse5 (= ~pumpRunning~0 1))) (and (or .cse0 .cse1 (not (= 2 ~waterLevel~0)) .cse2) (or .cse3 .cse4 (not (= ~methaneLevelCritical~0 1)) .cse2 .cse5) (or .cse0 .cse1 (not (<= ~waterLevel~0 1)) .cse2) (or .cse1 .cse3 .cse6 .cse4 .cse5)))) [2022-11-16 20:06:13,652 INFO L899 garLoopResultBuilder]: For program point L230-1(lines 211 235) no Hoare annotation was computed. [2022-11-16 20:06:13,652 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__highWaterSensorEXIT(lines 211 235) no Hoare annotation was computed. [2022-11-16 20:06:13,652 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 414 425) no Hoare annotation was computed. [2022-11-16 20:06:13,653 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 414 425) the Hoare annotation is: (let ((.cse2 (not (= ~methaneLevelCritical~0 1))) (.cse5 (not (= ~pumpRunning~0 1))) (.cse0 (not (= ~pumpRunning~0 0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse6 (not (= ~methaneLevelCritical~0 0))) (.cse3 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse4 (not (< |old(~waterLevel~0)| 3)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse1 .cse5 .cse2 .cse3 .cse4) (or .cse1 .cse6 .cse5 .cse3 .cse4) (or .cse0 .cse1 .cse6 .cse3 .cse4))) [2022-11-16 20:06:13,653 INFO L895 garLoopResultBuilder]: At program point L256(line 256) the Hoare annotation is: (let ((.cse4 (not (= ~methaneLevelCritical~0 0)))) (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (not (= 1 ~systemActive~0))) (.cse5 (not (< ~waterLevel~0 2))) (.cse3 (and .cse4 (not (= ~methaneLevelCritical~0 ~systemActive~0))))) (and (or .cse0 .cse1 .cse2 (not (= 2 ~waterLevel~0)) .cse3) (or .cse0 .cse1 .cse2 .cse4 (not (<= ~waterLevel~0 1))) (or .cse0 .cse1 .cse5 (not (= ~methaneLevelCritical~0 1)) .cse3) (or .cse2 .cse5 (not (= |old(~pumpRunning~0)| 1)) .cse3)))) [2022-11-16 20:06:13,653 INFO L899 garLoopResultBuilder]: For program point L256-1(lines 237 261) no Hoare annotation was computed. [2022-11-16 20:06:13,653 INFO L895 garLoopResultBuilder]: At program point processEnvironment__wrappee__lowWaterSensorENTRY(lines 237 261) the Hoare annotation is: (let ((.cse4 (not (= ~methaneLevelCritical~0 0)))) (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse3 (not (= 2 ~waterLevel~0))) (.cse7 (not (= ~methaneLevelCritical~0 1))) (.cse8 (and .cse4 (not (= ~methaneLevelCritical~0 ~systemActive~0)))) (.cse2 (not (= 1 ~systemActive~0))) (.cse5 (not (< ~waterLevel~0 2))) (.cse6 (not (= |old(~pumpRunning~0)| 1))) (.cse9 (= ~pumpRunning~0 1))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse5 .cse6 .cse7 .cse8 .cse9) (or .cse0 .cse1 .cse2 .cse4 (not (<= ~waterLevel~0 1))) (or .cse0 .cse1 .cse5 .cse7 .cse8) (or .cse0 .cse1 .cse3 .cse7 .cse8) (or .cse2 .cse5 .cse4 .cse6 .cse9)))) [2022-11-16 20:06:13,653 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__lowWaterSensorEXIT(lines 237 261) no Hoare annotation was computed. [2022-11-16 20:06:13,654 INFO L895 garLoopResultBuilder]: At program point L251(line 251) the Hoare annotation is: (let ((.cse6 (not (= ~methaneLevelCritical~0 0)))) (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (and .cse6 (not (= ~methaneLevelCritical~0 ~systemActive~0)))) (.cse1 (not (= 1 ~systemActive~0))) (.cse3 (not (< ~waterLevel~0 2))) (.cse4 (not (= |old(~pumpRunning~0)| 1))) (.cse5 (= ~pumpRunning~0 1))) (and (or .cse0 .cse1 (not (= 2 ~waterLevel~0)) .cse2) (or .cse3 .cse4 (not (= ~methaneLevelCritical~0 1)) .cse2 .cse5) (or .cse0 .cse1 (not (<= ~waterLevel~0 1)) .cse2) (or .cse1 .cse3 .cse6 .cse4 .cse5)))) [2022-11-16 20:06:13,654 INFO L895 garLoopResultBuilder]: At program point L247(line 247) the Hoare annotation is: (let ((.cse6 (not (= ~methaneLevelCritical~0 0)))) (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (and .cse6 (not (= ~methaneLevelCritical~0 ~systemActive~0)))) (.cse1 (not (= 1 ~systemActive~0))) (.cse3 (not (< ~waterLevel~0 2))) (.cse4 (not (= |old(~pumpRunning~0)| 1))) (.cse5 (= ~pumpRunning~0 1))) (and (or .cse0 .cse1 (not (= 2 ~waterLevel~0)) .cse2) (or .cse3 .cse4 (not (= ~methaneLevelCritical~0 1)) .cse2 .cse5) (or .cse0 .cse1 (not (<= ~waterLevel~0 1)) .cse2) (or .cse1 .cse3 .cse6 .cse4 .cse5)))) [2022-11-16 20:06:13,654 INFO L899 garLoopResultBuilder]: For program point L245(lines 245 253) no Hoare annotation was computed. [2022-11-16 20:06:13,654 INFO L895 garLoopResultBuilder]: At program point L241(lines 241 258) the Hoare annotation is: (let ((.cse4 (not (= ~methaneLevelCritical~0 0)))) (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse3 (not (= 2 ~waterLevel~0))) (.cse7 (not (= ~methaneLevelCritical~0 1))) (.cse8 (and .cse4 (not (= ~methaneLevelCritical~0 ~systemActive~0)))) (.cse2 (not (= 1 ~systemActive~0))) (.cse5 (not (< ~waterLevel~0 2))) (.cse6 (not (= |old(~pumpRunning~0)| 1))) (.cse9 (= ~pumpRunning~0 1))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse5 .cse6 .cse7 .cse8 .cse9) (or .cse0 .cse1 .cse2 .cse4 (not (<= ~waterLevel~0 1))) (or .cse0 .cse1 .cse5 .cse7 .cse8) (or .cse0 .cse1 .cse3 .cse7 .cse8) (or .cse2 .cse5 .cse4 .cse6 .cse9)))) [2022-11-16 20:06:13,658 INFO L444 BasicCegarLoop]: Path program histogram: [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 20:06:13,660 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2022-11-16 20:06:13,707 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 16.11 08:06:13 BoogieIcfgContainer [2022-11-16 20:06:13,707 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-11-16 20:06:13,708 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-11-16 20:06:13,708 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-11-16 20:06:13,708 INFO L275 PluginConnector]: Witness Printer initialized [2022-11-16 20:06:13,708 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 16.11 08:02:18" (3/4) ... [2022-11-16 20:06:13,711 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-11-16 20:06:13,716 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2022-11-16 20:06:13,717 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-11-16 20:06:13,717 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-11-16 20:06:13,717 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneLevelCritical [2022-11-16 20:06:13,717 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-11-16 20:06:13,717 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-11-16 20:06:13,718 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2022-11-16 20:06:13,718 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-11-16 20:06:13,718 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__lowWaterSensor [2022-11-16 20:06:13,725 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 78 nodes and edges [2022-11-16 20:06:13,725 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 27 nodes and edges [2022-11-16 20:06:13,726 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 13 nodes and edges [2022-11-16 20:06:13,726 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-11-16 20:06:13,727 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 2 nodes and edges [2022-11-16 20:06:13,727 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-16 20:06:13,728 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-16 20:06:13,752 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((unknown-#memory_int-unknown[14][3] == 84 && unknown-#memory_int-unknown[6][2] == 102) && unknown-#memory_int-unknown[11][1] == 0) && 1 == \valid[5]) && 32 == unknown-#memory_int-unknown[10][1]) && unknown-#length-unknown[3] == 12) && unknown-#memory_int-unknown[9][0] == 79) && \valid[15] == 1) && 112 == unknown-#memory_int-unknown[7][4]) && unknown-#memory_int-unknown[6][0] == 79) && 3 == unknown-#length-unknown[10]) && pumpRunning == 0) && \valid[26] == 1) && unknown-#memory_int-unknown[7][1] == 80) && 58 == unknown-#memory_int-unknown[13][5]) && unknown-#length-unknown[8] == 3) && unknown-#length-unknown[6] == 4) && \valid[9] == 1) && unknown-#length-unknown[4] == 13) && 117 == unknown-#memory_int-unknown[7][2]) && unknown-#memory_int-unknown[5][2] == 0) && 7 == unknown-#length-unknown[7]) && 7 == unknown-#length-unknown[13]) && 110 == unknown-#memory_int-unknown[8][1]) && unknown-#memory_int-unknown[6][1] == 102) && \valid[11] == 1) && \valid[27] == 1) && methaneLevelCritical == 0) && 58 == unknown-#memory_int-unknown[7][5]) && unknown-#memory_int-unknown[8][0] == 79) && 30 == unknown-#length-unknown[23]) && 41 == unknown-#memory_int-unknown[16][0]) && 44 == unknown-#memory_int-unknown[7][0]) && unknown-#length-unknown[24] == 9) && 31 == unknown-#length-unknown[2]) && head == 0) && 44 == unknown-#memory_int-unknown[13][0]) && unknown-#memory_int-unknown[11][0] == 10) && unknown-#memory_int-unknown[14][4] == 0) && 2 == unknown-#length-unknown[1]) && unknown-#length-unknown[17] == 30) && 73 == unknown-#memory_int-unknown[14][2]) && 9 == unknown-#length-unknown[18]) && unknown-#length-unknown[19] == 21) && \valid[3] == 1) && \valid[7] == 1) && unknown-#length-unknown[22] == 21) && \valid[18] == 1) && \valid[22] == 1) && 3 == unknown-#length-unknown[5]) && 30 == unknown-#length-unknown[26]) && 77 == unknown-#memory_int-unknown[13][1]) && 2 == unknown-#length-unknown[11]) && 1 == systemActive) && unknown-#length-unknown[15] == 3) && \valid[24] == 1) && unknown-#memory_int-unknown[9][3] == 0) && \valid[12] == 1) && tmp == \result) && \valid[28] == 1) && unknown-#memory_int-unknown[14][1] == 82) && \valid[4] == 1) && unknown-#memory_int-unknown[9][1] == 102) && unknown-#memory_int-unknown[8][2] == 0) && unknown-#memory_int-unknown[16][1] == 0) && 101 == unknown-#memory_int-unknown[13][2]) && 25 == unknown-#length-unknown[25]) && \valid[1] == 1) && unknown-#memory_int-unknown[7][6] == 0) && unknown-#memory_int-unknown[9][2] == 102) && \valid[20] == 1) && unknown-#memory_int-unknown[5][0] == 79) && unknown-#length-unknown[12] == 13) && 2 == unknown-#length-unknown[16]) && \valid[21] == 1) && unknown-#length-unknown[9] == 4) && 104 == unknown-#memory_int-unknown[13][4]) && unknown-#length-unknown[21] == 9) && \valid[14] == 1) && retValue_acc == \result) && 116 == unknown-#memory_int-unknown[13][3]) && 5 == unknown-#length-unknown[14]) && \valid[0] == 0) && 30 == unknown-#length-unknown[20]) && \valid[25] == 1) && head == 0) && \valid[2] == 1) && #NULL == 0) && unknown-#memory_int-unknown[14][0] == 67) && waterLevel == 1) && retValue_acc == 1) && unknown-#memory_int-unknown[10][2] == 0) && unknown-#length-unknown[27] == 9) && unknown-#memory_int-unknown[1][0] == 48) && \valid[23] == 1) && \valid[19] == 1) && unknown-#memory_int-unknown[15][1] == 75) && 109 == unknown-#memory_int-unknown[7][3]) && unknown-#memory_int-unknown[6][3] == 0) && 0 == unknown-#memory_int-unknown[13][6]) && \valid[16] == 1) && unknown-#memory_int-unknown[15][2] == 0) && \valid[6] == 1) && unknown-#memory_int-unknown[1][1] == 0) && unknown-#memory_int-unknown[15][0] == 79) && unknown-#memory_int-unknown[10][0] == 41) && \valid[17] == 1) && \valid[10] == 1) && unknown-#memory_int-unknown[5][1] == 110) && \valid[8] == 1) && unknown-#length-unknown[28] == 25) && \valid[13] == 1) && 0 < unknown-#StackHeapBarrier-unknown) && cleanupTimeShifts == 4) && #NULL == 0 [2022-11-16 20:06:13,752 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) < 2)) || !(methaneLevelCritical == 0)) && (((((!(1 == systemActive) || !(\old(waterLevel) < 2)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) && (((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2))) || (\old(waterLevel) == waterLevel && pumpRunning == 1))) && (((((!(\old(pumpRunning) == 1) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive))) && (((!(\old(waterLevel) < 2) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive)))) || (\old(waterLevel) == waterLevel && pumpRunning == 1))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 2))) && ((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(methaneLevelCritical == systemActive)) || !(methaneLevelCritical == 1))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive))) [2022-11-16 20:06:13,753 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive))) || (\old(waterLevel) == waterLevel && pumpRunning == 1)) && ((((((!(1 == systemActive) || !(\old(waterLevel) < 2)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) && (((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2))) || (((((waterLevel + 1 <= \old(waterLevel) || (!(0 < waterLevel) && waterLevel <= \old(waterLevel))) || (pumpRunning == 0 && waterLevel <= \old(waterLevel))) && pumpRunning == 0) && waterLevel < 2) && tmp == 0)) || (((waterLevel <= \old(waterLevel) && waterLevel < 2) && tmp == 0) && pumpRunning == 1))) && ((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(methaneLevelCritical == systemActive)) || !(methaneLevelCritical == 1))) && (((((((2 == waterLevel && \old(waterLevel) == waterLevel) && pumpRunning == 1) || ((pumpRunning == 0 && waterLevel <= 1) && \old(waterLevel) == waterLevel)) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) < 3))) && ((((((!(\old(pumpRunning) == 1) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive))) && (((!(\old(waterLevel) < 2) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive)))) || ((((waterLevel + 1 <= \old(waterLevel) || (!(0 < waterLevel) && waterLevel <= \old(waterLevel))) || (pumpRunning == 0 && waterLevel <= \old(waterLevel))) && pumpRunning == 0) && waterLevel < 2)) || (((waterLevel <= \old(waterLevel) && waterLevel < 2) && tmp == 0) && pumpRunning == 1)) [2022-11-16 20:06:13,754 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(2 == waterLevel)) || !(methaneLevelCritical == 0)) && ((((!(waterLevel < 2) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive))) || pumpRunning == 1)) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(waterLevel <= 1))) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(waterLevel < 2)) || !(methaneLevelCritical == 1)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive)))) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(2 == waterLevel)) || !(methaneLevelCritical == 1)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive)))) && ((((!(1 == systemActive) || !(waterLevel < 2)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || pumpRunning == 1) [2022-11-16 20:06:13,754 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!(\old(pumpRunning) == 1) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive))) && (((!(\old(waterLevel) < 2) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive)))) || (((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel))) && pumpRunning == 1)) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) < 2)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive)))) && (((((!(1 == systemActive) || !(\old(waterLevel) < 2)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) && (((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2))) || ((aux-isMethaneLevelCritical()-aux == 0 && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && pumpRunning == 1))) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) == 2)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive))) [2022-11-16 20:06:13,754 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(2 == waterLevel)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive))) && ((((!(waterLevel < 2) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive))) || pumpRunning == 1)) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(waterLevel <= 1))) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(waterLevel < 2)) || !(methaneLevelCritical == 1)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive)))) && ((((!(1 == systemActive) || !(waterLevel < 2)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || pumpRunning == 1) [2022-11-16 20:06:13,754 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && methaneLevelCritical == tmp)) || !(methaneLevelCritical == 0)) || (2 <= waterLevel && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) < 3)) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 2)) || (methaneLevelCritical == tmp && pumpRunning == 1))) && (((((((waterLevel + 1 <= \old(waterLevel) || (!(0 < waterLevel) && waterLevel <= \old(waterLevel))) || (pumpRunning == 0 && waterLevel <= \old(waterLevel))) && pumpRunning == 0) && waterLevel < 2) && methaneLevelCritical == tmp) || ((((!(\old(pumpRunning) == 1) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive))) && (((!(\old(waterLevel) < 2) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive))))) || ((((waterLevel <= \old(waterLevel) && waterLevel < 2) && methaneLevelCritical == tmp) && tmp == 0) && pumpRunning == 1))) && ((((((((2 <= waterLevel && \old(waterLevel) == waterLevel) && methaneLevelCritical == tmp) && pumpRunning == 1) || !(\old(pumpRunning) == 0)) || (((pumpRunning == 0 && waterLevel <= 1) && \old(waterLevel) == waterLevel) && methaneLevelCritical == tmp)) || !(methaneLevelCritical == 1)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive))) || !(\old(waterLevel) < 3))) && ((((((!(1 == systemActive) || !(\old(waterLevel) < 2)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) && (((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2))) || ((((((waterLevel + 1 <= \old(waterLevel) || (!(0 < waterLevel) && waterLevel <= \old(waterLevel))) || (pumpRunning == 0 && waterLevel <= \old(waterLevel))) && pumpRunning == 0) && waterLevel < 2) && methaneLevelCritical == tmp) && tmp == 0)) || ((((waterLevel <= \old(waterLevel) && waterLevel < 2) && methaneLevelCritical == tmp) && tmp == 0) && pumpRunning == 1)) [2022-11-16 20:06:13,755 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((((waterLevel <= \old(waterLevel) && waterLevel < 2) && tmp___0 <= 1) && methaneLevelCritical == tmp) && tmp == 0) && pumpRunning == 1) || ((((!(1 == systemActive) || !(\old(waterLevel) < 2)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) && (((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2)))) || ((((((((waterLevel + 1 <= \old(waterLevel) || (!(0 < waterLevel) && waterLevel <= \old(waterLevel))) || (pumpRunning == 0 && waterLevel <= \old(waterLevel))) && pumpRunning == 0) && 1 == systemActive) && waterLevel < 2) && tmp___0 <= 1) && methaneLevelCritical == tmp) && tmp == 0)) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 2)) || ((\old(waterLevel) == waterLevel && methaneLevelCritical == tmp) && pumpRunning == 1))) && ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) < 2)) || !(methaneLevelCritical == 1)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive))) || (((pumpRunning == 0 && 1 == systemActive) && \old(waterLevel) == waterLevel) && methaneLevelCritical == tmp))) && ((((((!(\old(pumpRunning) == 1) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive))) && (((!(\old(waterLevel) < 2) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive)))) || ((((waterLevel <= \old(waterLevel) && waterLevel < 2) && methaneLevelCritical == tmp) && tmp == 0) && pumpRunning == 1)) || ((((((waterLevel + 1 <= \old(waterLevel) || (!(0 < waterLevel) && waterLevel <= \old(waterLevel))) || (pumpRunning == 0 && waterLevel <= \old(waterLevel))) && pumpRunning == 0) && 1 == systemActive) && waterLevel < 2) && methaneLevelCritical == tmp))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) < 2)) || !(methaneLevelCritical == 0)) || ((((pumpRunning == 0 && 1 == systemActive) && \old(waterLevel) == waterLevel) && tmp___0 <= 1) && methaneLevelCritical == tmp))) && ((((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive))) || ((\old(waterLevel) == waterLevel && methaneLevelCritical == tmp) && pumpRunning == 1)) [2022-11-16 20:06:13,755 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) < 2)) || ((((pumpRunning == 0 && methaneLevelCritical == 0) && \old(waterLevel) == waterLevel) && tmp___0 <= 1) && methaneLevelCritical == tmp)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive))) && (((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive)))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) == 2)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive))) || ((\old(waterLevel) == waterLevel && methaneLevelCritical == tmp) && pumpRunning == 1))) && (((!(\old(pumpRunning) == 1) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive)))) && (((((((waterLevel <= \old(waterLevel) && waterLevel < 2) && tmp___0 <= 1) && methaneLevelCritical == tmp) && tmp == 0) && pumpRunning == 1) || (((((pumpRunning == 0 && waterLevel <= \old(waterLevel)) && waterLevel < 2) && tmp___0 <= 1) && methaneLevelCritical == tmp) && tmp == 0)) || ((((!(1 == systemActive) || !(\old(waterLevel) < 2)) || !(\old(pumpRunning) == 1)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive))) && (((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive)))))) && (((!(\old(waterLevel) < 2) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive))) [2022-11-16 20:06:13,756 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 == systemActive) || !(\old(waterLevel) < 2)) || !(\old(pumpRunning) == 1)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive))) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) < 2)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive)))) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) == 2)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive)))) && (((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive))) [2022-11-16 20:06:13,757 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!(2 == waterLevel) || ((pumpRunning == 0 || !(0 < waterLevel)) && tmp == 1)) || !(methaneLevelCritical == systemActive)) || !(methaneLevelCritical == 1)) || (!(\old(pumpRunning) == 0) && 0 < waterLevel)) && ((((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == systemActive)) || (pumpRunning == 0 && tmp == 0)) || !(methaneLevelCritical == 1)) || !(waterLevel <= 1))) && ((((!(1 == systemActive) || !(2 == waterLevel)) || ((pumpRunning == 0 || !(0 < waterLevel)) && tmp == 1)) || !(methaneLevelCritical == 0)) || (!(\old(pumpRunning) == 0) && 0 < waterLevel))) && (((!(1 == systemActive) || !(waterLevel < 2)) || !(\old(pumpRunning) == 1)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive)))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || (pumpRunning == 0 && tmp == 0)) || !(waterLevel <= 1)) [2022-11-16 20:06:13,781 INFO L141 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/bin/utaipan-Xvt2sAort0/witness.graphml [2022-11-16 20:06:13,781 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-11-16 20:06:13,782 INFO L158 Benchmark]: Toolchain (without parser) took 237345.85ms. Allocated memory was 125.8MB in the beginning and 824.2MB in the end (delta: 698.4MB). Free memory was 87.8MB in the beginning and 629.4MB in the end (delta: -541.7MB). Peak memory consumption was 155.8MB. Max. memory is 16.1GB. [2022-11-16 20:06:13,782 INFO L158 Benchmark]: CDTParser took 0.27ms. Allocated memory is still 125.8MB. Free memory is still 104.7MB. There was no memory consumed. Max. memory is 16.1GB. [2022-11-16 20:06:13,783 INFO L158 Benchmark]: CACSL2BoogieTranslator took 638.57ms. Allocated memory is still 125.8MB. Free memory was 87.6MB in the beginning and 92.4MB in the end (delta: -4.8MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. [2022-11-16 20:06:13,783 INFO L158 Benchmark]: Boogie Procedure Inliner took 66.31ms. Allocated memory is still 125.8MB. Free memory was 91.8MB in the beginning and 89.7MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-16 20:06:13,783 INFO L158 Benchmark]: Boogie Preprocessor took 45.15ms. Allocated memory is still 125.8MB. Free memory was 89.7MB in the beginning and 87.6MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-16 20:06:13,784 INFO L158 Benchmark]: RCFGBuilder took 860.28ms. Allocated memory is still 125.8MB. Free memory was 87.6MB in the beginning and 54.6MB in the end (delta: 33.0MB). Peak memory consumption was 31.5MB. Max. memory is 16.1GB. [2022-11-16 20:06:13,784 INFO L158 Benchmark]: TraceAbstraction took 235648.60ms. Allocated memory was 125.8MB in the beginning and 824.2MB in the end (delta: 698.4MB). Free memory was 54.1MB in the beginning and 634.7MB in the end (delta: -580.6MB). Peak memory consumption was 462.2MB. Max. memory is 16.1GB. [2022-11-16 20:06:13,785 INFO L158 Benchmark]: Witness Printer took 74.09ms. Allocated memory is still 824.2MB. Free memory was 634.7MB in the beginning and 629.4MB in the end (delta: 5.2MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2022-11-16 20:06:13,786 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.27ms. Allocated memory is still 125.8MB. Free memory is still 104.7MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 638.57ms. Allocated memory is still 125.8MB. Free memory was 87.6MB in the beginning and 92.4MB in the end (delta: -4.8MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 66.31ms. Allocated memory is still 125.8MB. Free memory was 91.8MB in the beginning and 89.7MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 45.15ms. Allocated memory is still 125.8MB. Free memory was 89.7MB in the beginning and 87.6MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 860.28ms. Allocated memory is still 125.8MB. Free memory was 87.6MB in the beginning and 54.6MB in the end (delta: 33.0MB). Peak memory consumption was 31.5MB. Max. memory is 16.1GB. * TraceAbstraction took 235648.60ms. Allocated memory was 125.8MB in the beginning and 824.2MB in the end (delta: 698.4MB). Free memory was 54.1MB in the beginning and 634.7MB in the end (delta: -580.6MB). Peak memory consumption was 462.2MB. Max. memory is 16.1GB. * Witness Printer took 74.09ms. Allocated memory is still 824.2MB. Free memory was 634.7MB in the beginning and 629.4MB in the end (delta: 5.2MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 54]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 10 procedures, 69 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 235.5s, OverallIterations: 14, TraceHistogramMax: 4, PathProgramHistogramMax: 2, EmptinessCheckTime: 0.1s, AutomataDifference: 60.6s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 56.6s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 3435 SdHoareTripleChecker+Valid, 11.9s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 3395 mSDsluCounter, 3909 SdHoareTripleChecker+Invalid, 10.4s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 3002 mSDsCounter, 1990 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 10027 IncrementalHoareTripleChecker+Invalid, 12017 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 1990 mSolverCounterUnsat, 907 mSDtfsCounter, 10027 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 1303 GetRequests, 826 SyntacticMatches, 23 SemanticMatches, 454 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 17974 ImplicationChecksByTransitivity, 120.5s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=1491occurred in iteration=12, InterpolantAutomatonStates: 285, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 1.5s AutomataMinimizationTime, 14 MinimizatonAttempts, 1374 StatesRemovedByMinimization, 10 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 41 LocationsWithAnnotation, 3566 PreInvPairs, 3711 NumberOfFragments, 4537 HoareAnnotationTreeSize, 3566 FomulaSimplifications, 23106 FormulaSimplificationTreeSizeReduction, 8.6s HoareSimplificationTime, 41 FomulaSimplificationsInter, 414630 FormulaSimplificationTreeSizeReductionInter, 47.7s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.2s SsaConstructionTime, 0.7s SatisfiabilityAnalysisTime, 7.1s InterpolantComputationTime, 1160 NumberOfCodeBlocks, 1160 NumberOfCodeBlocksAsserted, 20 NumberOfCheckSat, 1398 ConstructedInterpolants, 0 QuantifiedInterpolants, 4735 SizeOfPredicates, 41 NumberOfNonLiveVariables, 2703 ConjunctsInSsa, 142 ConjunctsInUnsatCore, 24 InterpolantComputations, 10 PerfectInterpolantSequences, 411/532 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: OVERALL_TIME: 20.0s, ICFG_INTERPRETER_ENTERED_PROCEDURES: 12, DAG_INTERPRETER_EARLY_EXIT_QUERIES_NONTRIVIAL: 103, DAG_INTERPRETER_EARLY_EXITS: 5, TOOLS_POST_APPLICATIONS: 125, TOOLS_POST_TIME: 5.8s, TOOLS_POST_CALL_APPLICATIONS: 61, TOOLS_POST_CALL_TIME: 8.5s, TOOLS_POST_RETURN_APPLICATIONS: 50, TOOLS_POST_RETURN_TIME: 3.9s, TOOLS_QUANTIFIERELIM_APPLICATIONS: 236, TOOLS_QUANTIFIERELIM_TIME: 18.0s, TOOLS_QUANTIFIERELIM_MAX_TIME: 0.8s, FLUID_QUERY_TIME: 0.0s, FLUID_QUERIES: 305, FLUID_YES_ANSWERS: 0, DOMAIN_JOIN_APPLICATIONS: 44, DOMAIN_JOIN_TIME: 1.3s, DOMAIN_ALPHA_APPLICATIONS: 0, DOMAIN_ALPHA_TIME: 0.0s, DOMAIN_WIDEN_APPLICATIONS: 1, DOMAIN_WIDEN_TIME: 0.0s, DOMAIN_ISSUBSETEQ_APPLICATIONS: 3, DOMAIN_ISSUBSETEQ_TIME: 0.0s, DOMAIN_ISBOTTOM_APPLICATIONS: 103, DOMAIN_ISBOTTOM_TIME: 0.3s, LOOP_SUMMARIZER_APPLICATIONS: 2, LOOP_SUMMARIZER_CACHE_MISSES: 2, LOOP_SUMMARIZER_OVERALL_TIME: 10.8s, LOOP_SUMMARIZER_NEW_COMPUTATION_TIME: 10.8s, LOOP_SUMMARIZER_FIXPOINT_ITERATIONS: 3, CALL_SUMMARIZER_APPLICATIONS: 50, CALL_SUMMARIZER_CACHE_MISSES: 12, CALL_SUMMARIZER_OVERALL_TIME: 0.2s, CALL_SUMMARIZER_NEW_COMPUTATION_TIME: 0.2s, PROCEDURE_GRAPH_BUILDER_TIME: 0.0s, PATH_EXPR_TIME: 0.0s, REGEX_TO_DAG_TIME: 0.0s, DAG_COMPRESSION_TIME: 0.0s, DAG_COMPRESSION_PROCESSED_NODES: 1329, DAG_COMPRESSION_RETAINED_NODES: 278, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: -1]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 241]: Loop Invariant Derived loop invariant: ((((((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(2 == waterLevel)) || !(methaneLevelCritical == 0)) && ((((!(waterLevel < 2) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive))) || pumpRunning == 1)) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(waterLevel <= 1))) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(waterLevel < 2)) || !(methaneLevelCritical == 1)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive)))) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(2 == waterLevel)) || !(methaneLevelCritical == 1)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive)))) && ((((!(1 == systemActive) || !(waterLevel < 2)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || pumpRunning == 1) - InvariantResult [Line: 512]: Loop Invariant Derived loop invariant: ((((((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && methaneLevelCritical == tmp)) || !(methaneLevelCritical == 0)) || (2 <= waterLevel && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) < 3)) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 2)) || (methaneLevelCritical == tmp && pumpRunning == 1))) && (((((((waterLevel + 1 <= \old(waterLevel) || (!(0 < waterLevel) && waterLevel <= \old(waterLevel))) || (pumpRunning == 0 && waterLevel <= \old(waterLevel))) && pumpRunning == 0) && waterLevel < 2) && methaneLevelCritical == tmp) || ((((!(\old(pumpRunning) == 1) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive))) && (((!(\old(waterLevel) < 2) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive))))) || ((((waterLevel <= \old(waterLevel) && waterLevel < 2) && methaneLevelCritical == tmp) && tmp == 0) && pumpRunning == 1))) && ((((((((2 <= waterLevel && \old(waterLevel) == waterLevel) && methaneLevelCritical == tmp) && pumpRunning == 1) || !(\old(pumpRunning) == 0)) || (((pumpRunning == 0 && waterLevel <= 1) && \old(waterLevel) == waterLevel) && methaneLevelCritical == tmp)) || !(methaneLevelCritical == 1)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive))) || !(\old(waterLevel) < 3))) && ((((((!(1 == systemActive) || !(\old(waterLevel) < 2)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) && (((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2))) || ((((((waterLevel + 1 <= \old(waterLevel) || (!(0 < waterLevel) && waterLevel <= \old(waterLevel))) || (pumpRunning == 0 && waterLevel <= \old(waterLevel))) && pumpRunning == 0) && waterLevel < 2) && methaneLevelCritical == tmp) && tmp == 0)) || ((((waterLevel <= \old(waterLevel) && waterLevel < 2) && methaneLevelCritical == tmp) && tmp == 0) && pumpRunning == 1)) - InvariantResult [Line: 54]: Loop Invariant Derived loop invariant: (((((!(1 == systemActive) || !(\old(waterLevel) < 2)) || !(\old(pumpRunning) == 1)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive))) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) < 2)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive)))) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) == 2)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive)))) && (((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive))) - InvariantResult [Line: 215]: Loop Invariant Derived loop invariant: (((((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(2 == waterLevel)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive))) && ((((!(waterLevel < 2) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive))) || pumpRunning == 1)) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(waterLevel <= 1))) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(waterLevel < 2)) || !(methaneLevelCritical == 1)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive)))) && ((((!(1 == systemActive) || !(waterLevel < 2)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || pumpRunning == 1) - InvariantResult [Line: 110]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 985]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 101]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 179]: Loop Invariant Derived loop invariant: ((((((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) < 2)) || !(methaneLevelCritical == 0)) && (((((!(1 == systemActive) || !(\old(waterLevel) < 2)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) && (((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2))) || (\old(waterLevel) == waterLevel && pumpRunning == 1))) && (((((!(\old(pumpRunning) == 1) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive))) && (((!(\old(waterLevel) < 2) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive)))) || (\old(waterLevel) == waterLevel && pumpRunning == 1))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 2))) && ((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(methaneLevelCritical == systemActive)) || !(methaneLevelCritical == 1))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive))) - InvariantResult [Line: 309]: Loop Invariant Derived loop invariant: (((((((!(\old(pumpRunning) == 1) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive))) && (((!(\old(waterLevel) < 2) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive)))) || (((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel))) && pumpRunning == 1)) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) < 2)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive)))) && (((((!(1 == systemActive) || !(\old(waterLevel) < 2)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) && (((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2))) || ((aux-isMethaneLevelCritical()-aux == 0 && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && pumpRunning == 1))) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) == 2)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive))) - InvariantResult [Line: 111]: Loop Invariant Derived loop invariant: (((((1 == systemActive && splverifierCounter == 0) && waterLevel < 2) && (methaneLevelCritical == systemActive || methaneLevelCritical == 0)) && pumpRunning == 1) || ((((pumpRunning == 0 && waterLevel <= 1) && 1 == systemActive) && splverifierCounter == 0) && (methaneLevelCritical == systemActive || methaneLevelCritical == 0))) || ((((2 == waterLevel && 1 == systemActive) && splverifierCounter == 0) && (methaneLevelCritical == systemActive || methaneLevelCritical == 0)) && pumpRunning == 1) - InvariantResult [Line: 263]: Loop Invariant Derived loop invariant: (((((((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive))) || (\old(waterLevel) == waterLevel && pumpRunning == 1)) && ((((((!(1 == systemActive) || !(\old(waterLevel) < 2)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) && (((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2))) || (((((waterLevel + 1 <= \old(waterLevel) || (!(0 < waterLevel) && waterLevel <= \old(waterLevel))) || (pumpRunning == 0 && waterLevel <= \old(waterLevel))) && pumpRunning == 0) && waterLevel < 2) && tmp == 0)) || (((waterLevel <= \old(waterLevel) && waterLevel < 2) && tmp == 0) && pumpRunning == 1))) && ((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(methaneLevelCritical == systemActive)) || !(methaneLevelCritical == 1))) && (((((((2 == waterLevel && \old(waterLevel) == waterLevel) && pumpRunning == 1) || ((pumpRunning == 0 && waterLevel <= 1) && \old(waterLevel) == waterLevel)) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) < 3))) && ((((((!(\old(pumpRunning) == 1) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive))) && (((!(\old(waterLevel) < 2) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive)))) || ((((waterLevel + 1 <= \old(waterLevel) || (!(0 < waterLevel) && waterLevel <= \old(waterLevel))) || (pumpRunning == 0 && waterLevel <= \old(waterLevel))) && pumpRunning == 0) && waterLevel < 2)) || (((waterLevel <= \old(waterLevel) && waterLevel < 2) && tmp == 0) && pumpRunning == 1)) - InvariantResult [Line: 219]: Loop Invariant Derived loop invariant: (((((((!(2 == waterLevel) || ((pumpRunning == 0 || !(0 < waterLevel)) && tmp == 1)) || !(methaneLevelCritical == systemActive)) || !(methaneLevelCritical == 1)) || (!(\old(pumpRunning) == 0) && 0 < waterLevel)) && ((((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == systemActive)) || (pumpRunning == 0 && tmp == 0)) || !(methaneLevelCritical == 1)) || !(waterLevel <= 1))) && ((((!(1 == systemActive) || !(2 == waterLevel)) || ((pumpRunning == 0 || !(0 < waterLevel)) && tmp == 1)) || !(methaneLevelCritical == 0)) || (!(\old(pumpRunning) == 0) && 0 < waterLevel))) && (((!(1 == systemActive) || !(waterLevel < 2)) || !(\old(pumpRunning) == 1)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive)))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || (pumpRunning == 0 && tmp == 0)) || !(waterLevel <= 1)) - InvariantResult [Line: 503]: Loop Invariant Derived loop invariant: (((((((((((waterLevel <= \old(waterLevel) && waterLevel < 2) && tmp___0 <= 1) && methaneLevelCritical == tmp) && tmp == 0) && pumpRunning == 1) || ((((!(1 == systemActive) || !(\old(waterLevel) < 2)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) && (((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2)))) || ((((((((waterLevel + 1 <= \old(waterLevel) || (!(0 < waterLevel) && waterLevel <= \old(waterLevel))) || (pumpRunning == 0 && waterLevel <= \old(waterLevel))) && pumpRunning == 0) && 1 == systemActive) && waterLevel < 2) && tmp___0 <= 1) && methaneLevelCritical == tmp) && tmp == 0)) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 2)) || ((\old(waterLevel) == waterLevel && methaneLevelCritical == tmp) && pumpRunning == 1))) && ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) < 2)) || !(methaneLevelCritical == 1)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive))) || (((pumpRunning == 0 && 1 == systemActive) && \old(waterLevel) == waterLevel) && methaneLevelCritical == tmp))) && ((((((!(\old(pumpRunning) == 1) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive))) && (((!(\old(waterLevel) < 2) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive)))) || ((((waterLevel <= \old(waterLevel) && waterLevel < 2) && methaneLevelCritical == tmp) && tmp == 0) && pumpRunning == 1)) || ((((((waterLevel + 1 <= \old(waterLevel) || (!(0 < waterLevel) && waterLevel <= \old(waterLevel))) || (pumpRunning == 0 && waterLevel <= \old(waterLevel))) && pumpRunning == 0) && 1 == systemActive) && waterLevel < 2) && methaneLevelCritical == tmp))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) < 2)) || !(methaneLevelCritical == 0)) || ((((pumpRunning == 0 && 1 == systemActive) && \old(waterLevel) == waterLevel) && tmp___0 <= 1) && methaneLevelCritical == tmp))) && ((((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive))) || ((\old(waterLevel) == waterLevel && methaneLevelCritical == tmp) && pumpRunning == 1)) - InvariantResult [Line: 518]: Loop Invariant Derived loop invariant: ((((((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) < 2)) || ((((pumpRunning == 0 && methaneLevelCritical == 0) && \old(waterLevel) == waterLevel) && tmp___0 <= 1) && methaneLevelCritical == tmp)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive))) && (((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive)))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) == 2)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive))) || ((\old(waterLevel) == waterLevel && methaneLevelCritical == tmp) && pumpRunning == 1))) && (((!(\old(pumpRunning) == 1) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive)))) && (((((((waterLevel <= \old(waterLevel) && waterLevel < 2) && tmp___0 <= 1) && methaneLevelCritical == tmp) && tmp == 0) && pumpRunning == 1) || (((((pumpRunning == 0 && waterLevel <= \old(waterLevel)) && waterLevel < 2) && tmp___0 <= 1) && methaneLevelCritical == tmp) && tmp == 0)) || ((((!(1 == systemActive) || !(\old(waterLevel) < 2)) || !(\old(pumpRunning) == 1)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive))) && (((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive)))))) && (((!(\old(waterLevel) < 2) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || (!(methaneLevelCritical == 0) && !(methaneLevelCritical == systemActive))) - InvariantResult [Line: 985]: Loop Invariant Derived loop invariant: (((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((unknown-#memory_int-unknown[14][3] == 84 && unknown-#memory_int-unknown[6][2] == 102) && unknown-#memory_int-unknown[11][1] == 0) && 1 == \valid[5]) && 32 == unknown-#memory_int-unknown[10][1]) && unknown-#length-unknown[3] == 12) && unknown-#memory_int-unknown[9][0] == 79) && \valid[15] == 1) && 112 == unknown-#memory_int-unknown[7][4]) && unknown-#memory_int-unknown[6][0] == 79) && 3 == unknown-#length-unknown[10]) && pumpRunning == 0) && \valid[26] == 1) && unknown-#memory_int-unknown[7][1] == 80) && 58 == unknown-#memory_int-unknown[13][5]) && unknown-#length-unknown[8] == 3) && unknown-#length-unknown[6] == 4) && \valid[9] == 1) && unknown-#length-unknown[4] == 13) && 117 == unknown-#memory_int-unknown[7][2]) && unknown-#memory_int-unknown[5][2] == 0) && 7 == unknown-#length-unknown[7]) && 7 == unknown-#length-unknown[13]) && 110 == unknown-#memory_int-unknown[8][1]) && unknown-#memory_int-unknown[6][1] == 102) && \valid[11] == 1) && \valid[27] == 1) && methaneLevelCritical == 0) && 58 == unknown-#memory_int-unknown[7][5]) && unknown-#memory_int-unknown[8][0] == 79) && 30 == unknown-#length-unknown[23]) && 41 == unknown-#memory_int-unknown[16][0]) && 44 == unknown-#memory_int-unknown[7][0]) && unknown-#length-unknown[24] == 9) && 31 == unknown-#length-unknown[2]) && head == 0) && 44 == unknown-#memory_int-unknown[13][0]) && unknown-#memory_int-unknown[11][0] == 10) && unknown-#memory_int-unknown[14][4] == 0) && 2 == unknown-#length-unknown[1]) && unknown-#length-unknown[17] == 30) && 73 == unknown-#memory_int-unknown[14][2]) && 9 == unknown-#length-unknown[18]) && unknown-#length-unknown[19] == 21) && \valid[3] == 1) && \valid[7] == 1) && unknown-#length-unknown[22] == 21) && \valid[18] == 1) && \valid[22] == 1) && 3 == unknown-#length-unknown[5]) && 30 == unknown-#length-unknown[26]) && 77 == unknown-#memory_int-unknown[13][1]) && 2 == unknown-#length-unknown[11]) && 1 == systemActive) && unknown-#length-unknown[15] == 3) && \valid[24] == 1) && unknown-#memory_int-unknown[9][3] == 0) && \valid[12] == 1) && tmp == \result) && \valid[28] == 1) && unknown-#memory_int-unknown[14][1] == 82) && \valid[4] == 1) && unknown-#memory_int-unknown[9][1] == 102) && unknown-#memory_int-unknown[8][2] == 0) && unknown-#memory_int-unknown[16][1] == 0) && 101 == unknown-#memory_int-unknown[13][2]) && 25 == unknown-#length-unknown[25]) && \valid[1] == 1) && unknown-#memory_int-unknown[7][6] == 0) && unknown-#memory_int-unknown[9][2] == 102) && \valid[20] == 1) && unknown-#memory_int-unknown[5][0] == 79) && unknown-#length-unknown[12] == 13) && 2 == unknown-#length-unknown[16]) && \valid[21] == 1) && unknown-#length-unknown[9] == 4) && 104 == unknown-#memory_int-unknown[13][4]) && unknown-#length-unknown[21] == 9) && \valid[14] == 1) && retValue_acc == \result) && 116 == unknown-#memory_int-unknown[13][3]) && 5 == unknown-#length-unknown[14]) && \valid[0] == 0) && 30 == unknown-#length-unknown[20]) && \valid[25] == 1) && head == 0) && \valid[2] == 1) && #NULL == 0) && unknown-#memory_int-unknown[14][0] == 67) && waterLevel == 1) && retValue_acc == 1) && unknown-#memory_int-unknown[10][2] == 0) && unknown-#length-unknown[27] == 9) && unknown-#memory_int-unknown[1][0] == 48) && \valid[23] == 1) && \valid[19] == 1) && unknown-#memory_int-unknown[15][1] == 75) && 109 == unknown-#memory_int-unknown[7][3]) && unknown-#memory_int-unknown[6][3] == 0) && 0 == unknown-#memory_int-unknown[13][6]) && \valid[16] == 1) && unknown-#memory_int-unknown[15][2] == 0) && \valid[6] == 1) && unknown-#memory_int-unknown[1][1] == 0) && unknown-#memory_int-unknown[15][0] == 79) && unknown-#memory_int-unknown[10][0] == 41) && \valid[17] == 1) && \valid[10] == 1) && unknown-#memory_int-unknown[5][1] == 110) && \valid[8] == 1) && unknown-#length-unknown[28] == 25) && \valid[13] == 1) && 0 < unknown-#StackHeapBarrier-unknown) && cleanupTimeShifts == 4) && #NULL == 0 - InvariantResult [Line: 914]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 904]: Loop Invariant Derived loop invariant: 1 RESULT: Ultimate proved your program to be correct! [2022-11-16 20:06:13,827 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30015eff-ab17-420a-a087-d92cdd5f9252/bin/utaipan-Xvt2sAort0/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE