./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec5_product50.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 8393723b Calling Ultimate with: /usr/lib/jvm/java-1.11.0-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a567cbcd-fc03-41de-b790-f38608d60337/bin/utaipan-I9t0OCRTmS/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a567cbcd-fc03-41de-b790-f38608d60337/bin/utaipan-I9t0OCRTmS/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a567cbcd-fc03-41de-b790-f38608d60337/bin/utaipan-I9t0OCRTmS/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a567cbcd-fc03-41de-b790-f38608d60337/bin/utaipan-I9t0OCRTmS/config/TaipanReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec5_product50.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a567cbcd-fc03-41de-b790-f38608d60337/bin/utaipan-I9t0OCRTmS/config/svcomp-Reach-32bit-Taipan_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a567cbcd-fc03-41de-b790-f38608d60337/bin/utaipan-I9t0OCRTmS --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Taipan --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 9cfe95aaca007f6467395901a9efc89e5ad27f0fc32ae7ae8a1fe4e27a1f35c1 --- Real Ultimate output --- [0.001s][warning][os,container] Duplicate cpuset controllers detected. Picking /sys/fs/cgroup/cpuset, skipping /sys/fs/cgroup/cpuset. This is Ultimate 0.2.2-dev-8393723 [2022-11-19 07:47:32,765 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-11-19 07:47:32,767 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-11-19 07:47:32,793 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-11-19 07:47:32,794 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-11-19 07:47:32,795 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-11-19 07:47:32,802 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-11-19 07:47:32,807 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-11-19 07:47:32,810 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-11-19 07:47:32,815 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-11-19 07:47:32,817 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-11-19 07:47:32,819 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-11-19 07:47:32,819 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-11-19 07:47:32,822 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-11-19 07:47:32,825 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-11-19 07:47:32,827 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-11-19 07:47:32,829 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-11-19 07:47:32,829 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-11-19 07:47:32,832 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-11-19 07:47:32,840 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-11-19 07:47:32,841 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-11-19 07:47:32,843 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-11-19 07:47:32,846 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-11-19 07:47:32,847 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-11-19 07:47:32,855 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-11-19 07:47:32,856 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-11-19 07:47:32,856 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-11-19 07:47:32,857 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-11-19 07:47:32,857 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-11-19 07:47:32,858 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-11-19 07:47:32,858 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-11-19 07:47:32,859 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-11-19 07:47:32,860 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-11-19 07:47:32,861 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-11-19 07:47:32,862 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-11-19 07:47:32,862 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-11-19 07:47:32,863 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-11-19 07:47:32,863 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-11-19 07:47:32,863 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-11-19 07:47:32,864 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-11-19 07:47:32,865 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-11-19 07:47:32,868 INFO L101 SettingsManager]: Beginning loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a567cbcd-fc03-41de-b790-f38608d60337/bin/utaipan-I9t0OCRTmS/config/svcomp-Reach-32bit-Taipan_Default.epf [2022-11-19 07:47:32,908 INFO L113 SettingsManager]: Loading preferences was successful [2022-11-19 07:47:32,908 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-11-19 07:47:32,909 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-11-19 07:47:32,909 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-11-19 07:47:32,910 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-11-19 07:47:32,910 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-11-19 07:47:32,910 INFO L138 SettingsManager]: * User list type=DISABLED [2022-11-19 07:47:32,910 INFO L136 SettingsManager]: Preferences of Abstract Interpretation differ from their defaults: [2022-11-19 07:47:32,910 INFO L138 SettingsManager]: * Explicit value domain=true [2022-11-19 07:47:32,910 INFO L138 SettingsManager]: * Abstract domain for RCFG-of-the-future=PoormanAbstractDomain [2022-11-19 07:47:32,911 INFO L138 SettingsManager]: * Octagon Domain=false [2022-11-19 07:47:32,912 INFO L138 SettingsManager]: * Abstract domain=CompoundDomain [2022-11-19 07:47:32,912 INFO L138 SettingsManager]: * Check feasibility of abstract posts with an SMT solver=true [2022-11-19 07:47:32,912 INFO L138 SettingsManager]: * Use the RCFG-of-the-future interface=true [2022-11-19 07:47:32,912 INFO L138 SettingsManager]: * Interval Domain=false [2022-11-19 07:47:32,912 INFO L136 SettingsManager]: Preferences of Sifa differ from their defaults: [2022-11-19 07:47:32,913 INFO L138 SettingsManager]: * Call Summarizer=TopInputCallSummarizer [2022-11-19 07:47:32,913 INFO L138 SettingsManager]: * Simplification Technique=POLY_PAC [2022-11-19 07:47:32,913 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-11-19 07:47:32,914 INFO L138 SettingsManager]: * sizeof long=4 [2022-11-19 07:47:32,914 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-11-19 07:47:32,914 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-11-19 07:47:32,914 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-11-19 07:47:32,914 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-11-19 07:47:32,915 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-11-19 07:47:32,915 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-11-19 07:47:32,915 INFO L138 SettingsManager]: * sizeof long double=12 [2022-11-19 07:47:32,915 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-11-19 07:47:32,915 INFO L138 SettingsManager]: * Use constant arrays=true [2022-11-19 07:47:32,915 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-11-19 07:47:32,916 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-11-19 07:47:32,916 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-11-19 07:47:32,916 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-19 07:47:32,916 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-11-19 07:47:32,917 INFO L138 SettingsManager]: * Abstract interpretation Mode=USE_PREDICATES [2022-11-19 07:47:32,917 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-11-19 07:47:32,917 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-11-19 07:47:32,917 INFO L138 SettingsManager]: * Trace refinement strategy=SIFA_TAIPAN [2022-11-19 07:47:32,917 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-11-19 07:47:32,917 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-11-19 07:47:32,918 INFO L138 SettingsManager]: * Trace refinement exception blacklist=NONE [2022-11-19 07:47:32,918 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a567cbcd-fc03-41de-b790-f38608d60337/bin/utaipan-I9t0OCRTmS/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a567cbcd-fc03-41de-b790-f38608d60337/bin/utaipan-I9t0OCRTmS Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Taipan Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 9cfe95aaca007f6467395901a9efc89e5ad27f0fc32ae7ae8a1fe4e27a1f35c1 [2022-11-19 07:47:33,209 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-11-19 07:47:33,249 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-11-19 07:47:33,251 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-11-19 07:47:33,252 INFO L271 PluginConnector]: Initializing CDTParser... [2022-11-19 07:47:33,253 INFO L275 PluginConnector]: CDTParser initialized [2022-11-19 07:47:33,255 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a567cbcd-fc03-41de-b790-f38608d60337/bin/utaipan-I9t0OCRTmS/../../sv-benchmarks/c/product-lines/minepump_spec5_product50.cil.c [2022-11-19 07:47:33,352 INFO L220 CDTParser]: Created temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a567cbcd-fc03-41de-b790-f38608d60337/bin/utaipan-I9t0OCRTmS/data/73114463d/f8007cb9f8f641309c0e302ce76ac724/FLAGfb55c5b28 [2022-11-19 07:47:33,840 INFO L306 CDTParser]: Found 1 translation units. [2022-11-19 07:47:33,841 INFO L160 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a567cbcd-fc03-41de-b790-f38608d60337/sv-benchmarks/c/product-lines/minepump_spec5_product50.cil.c [2022-11-19 07:47:33,852 INFO L349 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a567cbcd-fc03-41de-b790-f38608d60337/bin/utaipan-I9t0OCRTmS/data/73114463d/f8007cb9f8f641309c0e302ce76ac724/FLAGfb55c5b28 [2022-11-19 07:47:34,152 INFO L357 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a567cbcd-fc03-41de-b790-f38608d60337/bin/utaipan-I9t0OCRTmS/data/73114463d/f8007cb9f8f641309c0e302ce76ac724 [2022-11-19 07:47:34,155 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-11-19 07:47:34,158 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-11-19 07:47:34,162 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-11-19 07:47:34,162 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-11-19 07:47:34,166 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-11-19 07:47:34,166 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 19.11 07:47:34" (1/1) ... [2022-11-19 07:47:34,168 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@3425a5f9 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 07:47:34, skipping insertion in model container [2022-11-19 07:47:34,168 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 19.11 07:47:34" (1/1) ... [2022-11-19 07:47:34,175 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-11-19 07:47:34,212 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-11-19 07:47:34,407 WARN L234 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a567cbcd-fc03-41de-b790-f38608d60337/sv-benchmarks/c/product-lines/minepump_spec5_product50.cil.c[1605,1618] [2022-11-19 07:47:34,609 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-19 07:47:34,618 INFO L203 MainTranslator]: Completed pre-run [2022-11-19 07:47:34,637 WARN L234 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a567cbcd-fc03-41de-b790-f38608d60337/sv-benchmarks/c/product-lines/minepump_spec5_product50.cil.c[1605,1618] [2022-11-19 07:47:34,713 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-19 07:47:34,730 INFO L208 MainTranslator]: Completed translation [2022-11-19 07:47:34,733 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 07:47:34 WrapperNode [2022-11-19 07:47:34,733 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-11-19 07:47:34,740 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-11-19 07:47:34,740 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-11-19 07:47:34,740 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-11-19 07:47:34,748 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 07:47:34" (1/1) ... [2022-11-19 07:47:34,763 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 07:47:34" (1/1) ... [2022-11-19 07:47:34,792 INFO L138 Inliner]: procedures = 58, calls = 102, calls flagged for inlining = 26, calls inlined = 22, statements flattened = 209 [2022-11-19 07:47:34,796 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-11-19 07:47:34,798 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-11-19 07:47:34,798 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-11-19 07:47:34,798 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-11-19 07:47:34,805 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 07:47:34" (1/1) ... [2022-11-19 07:47:34,805 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 07:47:34" (1/1) ... [2022-11-19 07:47:34,808 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 07:47:34" (1/1) ... [2022-11-19 07:47:34,808 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 07:47:34" (1/1) ... [2022-11-19 07:47:34,813 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 07:47:34" (1/1) ... [2022-11-19 07:47:34,823 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 07:47:34" (1/1) ... [2022-11-19 07:47:34,824 INFO L185 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 07:47:34" (1/1) ... [2022-11-19 07:47:34,825 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 07:47:34" (1/1) ... [2022-11-19 07:47:34,828 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-11-19 07:47:34,829 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-11-19 07:47:34,829 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-11-19 07:47:34,829 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-11-19 07:47:34,830 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 07:47:34" (1/1) ... [2022-11-19 07:47:34,837 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-19 07:47:34,853 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a567cbcd-fc03-41de-b790-f38608d60337/bin/utaipan-I9t0OCRTmS/z3 [2022-11-19 07:47:34,883 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a567cbcd-fc03-41de-b790-f38608d60337/bin/utaipan-I9t0OCRTmS/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-11-19 07:47:34,885 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a567cbcd-fc03-41de-b790-f38608d60337/bin/utaipan-I9t0OCRTmS/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-11-19 07:47:34,919 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-11-19 07:47:34,919 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-11-19 07:47:34,919 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-11-19 07:47:34,920 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-11-19 07:47:34,920 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-11-19 07:47:34,920 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-11-19 07:47:34,920 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-11-19 07:47:34,920 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2022-11-19 07:47:34,921 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2022-11-19 07:47:34,921 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-11-19 07:47:34,921 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-11-19 07:47:34,921 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2022-11-19 07:47:34,921 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2022-11-19 07:47:34,922 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-11-19 07:47:34,922 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-11-19 07:47:34,922 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-11-19 07:47:34,922 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-11-19 07:47:34,923 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-11-19 07:47:34,997 INFO L235 CfgBuilder]: Building ICFG [2022-11-19 07:47:34,998 INFO L261 CfgBuilder]: Building CFG for each procedure with an implementation [2022-11-19 07:47:35,269 INFO L276 CfgBuilder]: Performing block encoding [2022-11-19 07:47:35,459 INFO L295 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-11-19 07:47:35,459 INFO L300 CfgBuilder]: Removed 2 assume(true) statements. [2022-11-19 07:47:35,462 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 19.11 07:47:35 BoogieIcfgContainer [2022-11-19 07:47:35,462 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-11-19 07:47:35,464 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-11-19 07:47:35,464 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-11-19 07:47:35,468 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-11-19 07:47:35,469 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 19.11 07:47:34" (1/3) ... [2022-11-19 07:47:35,469 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@7921b1b4 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 19.11 07:47:35, skipping insertion in model container [2022-11-19 07:47:35,470 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 07:47:34" (2/3) ... [2022-11-19 07:47:35,470 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@7921b1b4 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 19.11 07:47:35, skipping insertion in model container [2022-11-19 07:47:35,470 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 19.11 07:47:35" (3/3) ... [2022-11-19 07:47:35,472 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product50.cil.c [2022-11-19 07:47:35,491 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-11-19 07:47:35,492 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-11-19 07:47:35,556 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-11-19 07:47:35,563 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@66b9e74e, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2022-11-19 07:47:35,563 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-11-19 07:47:35,568 INFO L276 IsEmpty]: Start isEmpty. Operand has 58 states, 37 states have (on average 1.4324324324324325) internal successors, (53), 45 states have internal predecessors, (53), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) [2022-11-19 07:47:35,578 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 22 [2022-11-19 07:47:35,578 INFO L187 NwaCegarLoop]: Found error trace [2022-11-19 07:47:35,579 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-19 07:47:35,580 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-19 07:47:35,586 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-19 07:47:35,586 INFO L85 PathProgramCache]: Analyzing trace with hash -514692415, now seen corresponding path program 1 times [2022-11-19 07:47:35,596 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-19 07:47:35,596 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [814287646] [2022-11-19 07:47:35,597 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 07:47:35,597 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-19 07:47:35,702 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 07:47:35,797 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-19 07:47:35,798 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-19 07:47:35,799 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [814287646] [2022-11-19 07:47:35,800 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [814287646] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-19 07:47:35,800 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-19 07:47:35,800 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-11-19 07:47:35,802 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [362292014] [2022-11-19 07:47:35,803 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-19 07:47:35,807 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-11-19 07:47:35,809 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-19 07:47:35,847 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-11-19 07:47:35,848 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-19 07:47:35,851 INFO L87 Difference]: Start difference. First operand has 58 states, 37 states have (on average 1.4324324324324325) internal successors, (53), 45 states have internal predecessors, (53), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) Second operand has 2 states, 2 states have (on average 7.0) internal successors, (14), 2 states have internal predecessors, (14), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-19 07:47:35,970 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-19 07:47:35,971 INFO L93 Difference]: Finished difference Result 114 states and 155 transitions. [2022-11-19 07:47:35,972 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-11-19 07:47:35,974 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 7.0) internal successors, (14), 2 states have internal predecessors, (14), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 21 [2022-11-19 07:47:35,974 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-19 07:47:35,983 INFO L225 Difference]: With dead ends: 114 [2022-11-19 07:47:35,983 INFO L226 Difference]: Without dead ends: 53 [2022-11-19 07:47:35,987 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-19 07:47:35,991 INFO L413 NwaCegarLoop]: 57 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 17 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 57 SdHoareTripleChecker+Invalid, 18 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 17 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-19 07:47:35,992 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 57 Invalid, 18 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 17 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-19 07:47:36,010 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 53 states. [2022-11-19 07:47:36,041 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 53 to 53. [2022-11-19 07:47:36,043 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 53 states, 34 states have (on average 1.3235294117647058) internal successors, (45), 41 states have internal predecessors, (45), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2022-11-19 07:47:36,051 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 53 states to 53 states and 68 transitions. [2022-11-19 07:47:36,053 INFO L78 Accepts]: Start accepts. Automaton has 53 states and 68 transitions. Word has length 21 [2022-11-19 07:47:36,054 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-19 07:47:36,054 INFO L495 AbstractCegarLoop]: Abstraction has 53 states and 68 transitions. [2022-11-19 07:47:36,055 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 7.0) internal successors, (14), 2 states have internal predecessors, (14), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-19 07:47:36,056 INFO L276 IsEmpty]: Start isEmpty. Operand 53 states and 68 transitions. [2022-11-19 07:47:36,061 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 23 [2022-11-19 07:47:36,062 INFO L187 NwaCegarLoop]: Found error trace [2022-11-19 07:47:36,063 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-19 07:47:36,063 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-11-19 07:47:36,064 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-19 07:47:36,065 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-19 07:47:36,065 INFO L85 PathProgramCache]: Analyzing trace with hash 738841292, now seen corresponding path program 1 times [2022-11-19 07:47:36,065 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-19 07:47:36,066 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [984670896] [2022-11-19 07:47:36,066 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 07:47:36,066 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-19 07:47:36,115 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 07:47:36,277 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-19 07:47:36,277 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-19 07:47:36,278 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [984670896] [2022-11-19 07:47:36,278 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [984670896] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-19 07:47:36,278 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-19 07:47:36,278 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-19 07:47:36,279 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [993166000] [2022-11-19 07:47:36,279 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-19 07:47:36,280 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-19 07:47:36,280 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-19 07:47:36,281 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-19 07:47:36,281 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-19 07:47:36,282 INFO L87 Difference]: Start difference. First operand 53 states and 68 transitions. Second operand has 3 states, 3 states have (on average 5.0) internal successors, (15), 3 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-19 07:47:36,363 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-19 07:47:36,364 INFO L93 Difference]: Finished difference Result 83 states and 107 transitions. [2022-11-19 07:47:36,364 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-19 07:47:36,364 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 5.0) internal successors, (15), 3 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 22 [2022-11-19 07:47:36,365 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-19 07:47:36,368 INFO L225 Difference]: With dead ends: 83 [2022-11-19 07:47:36,369 INFO L226 Difference]: Without dead ends: 45 [2022-11-19 07:47:36,374 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-19 07:47:36,376 INFO L413 NwaCegarLoop]: 43 mSDtfsCounter, 7 mSDsluCounter, 34 mSDsCounter, 0 mSdLazyCounter, 25 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 10 SdHoareTripleChecker+Valid, 77 SdHoareTripleChecker+Invalid, 25 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 25 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-19 07:47:36,376 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [10 Valid, 77 Invalid, 25 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 25 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-19 07:47:36,377 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 45 states. [2022-11-19 07:47:36,383 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 45 to 45. [2022-11-19 07:47:36,383 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 45 states, 29 states have (on average 1.3448275862068966) internal successors, (39), 36 states have internal predecessors, (39), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2022-11-19 07:47:36,384 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 45 states to 45 states and 57 transitions. [2022-11-19 07:47:36,385 INFO L78 Accepts]: Start accepts. Automaton has 45 states and 57 transitions. Word has length 22 [2022-11-19 07:47:36,385 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-19 07:47:36,385 INFO L495 AbstractCegarLoop]: Abstraction has 45 states and 57 transitions. [2022-11-19 07:47:36,385 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 5.0) internal successors, (15), 3 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-19 07:47:36,386 INFO L276 IsEmpty]: Start isEmpty. Operand 45 states and 57 transitions. [2022-11-19 07:47:36,386 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2022-11-19 07:47:36,387 INFO L187 NwaCegarLoop]: Found error trace [2022-11-19 07:47:36,387 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-19 07:47:36,387 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-11-19 07:47:36,387 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-19 07:47:36,388 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-19 07:47:36,388 INFO L85 PathProgramCache]: Analyzing trace with hash 1512610996, now seen corresponding path program 1 times [2022-11-19 07:47:36,388 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-19 07:47:36,389 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1448058850] [2022-11-19 07:47:36,389 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 07:47:36,389 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-19 07:47:36,411 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 07:47:36,580 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 1 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-11-19 07:47:36,580 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-19 07:47:36,581 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1448058850] [2022-11-19 07:47:36,581 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1448058850] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-19 07:47:36,581 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-19 07:47:36,581 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-11-19 07:47:36,582 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [977732342] [2022-11-19 07:47:36,582 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-19 07:47:36,582 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-11-19 07:47:36,583 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-19 07:47:36,583 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-11-19 07:47:36,584 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-11-19 07:47:36,584 INFO L87 Difference]: Start difference. First operand 45 states and 57 transitions. Second operand has 6 states, 5 states have (on average 3.8) internal successors, (19), 5 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-19 07:47:36,755 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-19 07:47:36,755 INFO L93 Difference]: Finished difference Result 126 states and 165 transitions. [2022-11-19 07:47:36,756 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-11-19 07:47:36,756 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 3.8) internal successors, (19), 5 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 24 [2022-11-19 07:47:36,756 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-19 07:47:36,758 INFO L225 Difference]: With dead ends: 126 [2022-11-19 07:47:36,758 INFO L226 Difference]: Without dead ends: 83 [2022-11-19 07:47:36,759 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 10 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2022-11-19 07:47:36,760 INFO L413 NwaCegarLoop]: 56 mSDtfsCounter, 31 mSDsluCounter, 179 mSDsCounter, 0 mSdLazyCounter, 110 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 32 SdHoareTripleChecker+Valid, 235 SdHoareTripleChecker+Invalid, 116 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 110 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-19 07:47:36,761 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [32 Valid, 235 Invalid, 116 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 110 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-19 07:47:36,762 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 83 states. [2022-11-19 07:47:36,776 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 83 to 79. [2022-11-19 07:47:36,777 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 79 states, 52 states have (on average 1.2692307692307692) internal successors, (66), 59 states have internal predecessors, (66), 14 states have call successors, (14), 12 states have call predecessors, (14), 12 states have return successors, (18), 14 states have call predecessors, (18), 14 states have call successors, (18) [2022-11-19 07:47:36,778 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 79 states to 79 states and 98 transitions. [2022-11-19 07:47:36,778 INFO L78 Accepts]: Start accepts. Automaton has 79 states and 98 transitions. Word has length 24 [2022-11-19 07:47:36,779 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-19 07:47:36,779 INFO L495 AbstractCegarLoop]: Abstraction has 79 states and 98 transitions. [2022-11-19 07:47:36,779 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 3.8) internal successors, (19), 5 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-19 07:47:36,779 INFO L276 IsEmpty]: Start isEmpty. Operand 79 states and 98 transitions. [2022-11-19 07:47:36,780 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2022-11-19 07:47:36,781 INFO L187 NwaCegarLoop]: Found error trace [2022-11-19 07:47:36,781 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-19 07:47:36,781 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-11-19 07:47:36,781 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-19 07:47:36,782 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-19 07:47:36,782 INFO L85 PathProgramCache]: Analyzing trace with hash -864113261, now seen corresponding path program 1 times [2022-11-19 07:47:36,782 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-19 07:47:36,783 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2140383216] [2022-11-19 07:47:36,783 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 07:47:36,783 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-19 07:47:36,803 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 07:47:37,279 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 1 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-11-19 07:47:37,279 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-19 07:47:37,279 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2140383216] [2022-11-19 07:47:37,279 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2140383216] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-19 07:47:37,280 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-19 07:47:37,280 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [10] imperfect sequences [] total 10 [2022-11-19 07:47:37,280 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1525831318] [2022-11-19 07:47:37,280 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-19 07:47:37,280 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 10 states [2022-11-19 07:47:37,281 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-19 07:47:37,281 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2022-11-19 07:47:37,281 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=21, Invalid=69, Unknown=0, NotChecked=0, Total=90 [2022-11-19 07:47:37,281 INFO L87 Difference]: Start difference. First operand 79 states and 98 transitions. Second operand has 10 states, 9 states have (on average 2.7777777777777777) internal successors, (25), 9 states have internal predecessors, (25), 3 states have call successors, (4), 2 states have call predecessors, (4), 3 states have return successors, (3), 3 states have call predecessors, (3), 3 states have call successors, (3) [2022-11-19 07:47:37,788 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-19 07:47:37,788 INFO L93 Difference]: Finished difference Result 232 states and 291 transitions. [2022-11-19 07:47:37,789 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 18 states. [2022-11-19 07:47:37,789 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 9 states have (on average 2.7777777777777777) internal successors, (25), 9 states have internal predecessors, (25), 3 states have call successors, (4), 2 states have call predecessors, (4), 3 states have return successors, (3), 3 states have call predecessors, (3), 3 states have call successors, (3) Word has length 32 [2022-11-19 07:47:37,790 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-19 07:47:37,791 INFO L225 Difference]: With dead ends: 232 [2022-11-19 07:47:37,791 INFO L226 Difference]: Without dead ends: 155 [2022-11-19 07:47:37,793 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 22 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 19 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 66 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=91, Invalid=329, Unknown=0, NotChecked=0, Total=420 [2022-11-19 07:47:37,794 INFO L413 NwaCegarLoop]: 69 mSDtfsCounter, 140 mSDsluCounter, 346 mSDsCounter, 0 mSdLazyCounter, 278 mSolverCounterSat, 36 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 145 SdHoareTripleChecker+Valid, 415 SdHoareTripleChecker+Invalid, 314 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 36 IncrementalHoareTripleChecker+Valid, 278 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-11-19 07:47:37,794 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [145 Valid, 415 Invalid, 314 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [36 Valid, 278 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2022-11-19 07:47:37,795 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 155 states. [2022-11-19 07:47:37,815 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 155 to 141. [2022-11-19 07:47:37,816 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 141 states, 93 states have (on average 1.2473118279569892) internal successors, (116), 103 states have internal predecessors, (116), 25 states have call successors, (25), 21 states have call predecessors, (25), 22 states have return successors, (33), 25 states have call predecessors, (33), 25 states have call successors, (33) [2022-11-19 07:47:37,818 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 141 states to 141 states and 174 transitions. [2022-11-19 07:47:37,818 INFO L78 Accepts]: Start accepts. Automaton has 141 states and 174 transitions. Word has length 32 [2022-11-19 07:47:37,819 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-19 07:47:37,819 INFO L495 AbstractCegarLoop]: Abstraction has 141 states and 174 transitions. [2022-11-19 07:47:37,819 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 10 states, 9 states have (on average 2.7777777777777777) internal successors, (25), 9 states have internal predecessors, (25), 3 states have call successors, (4), 2 states have call predecessors, (4), 3 states have return successors, (3), 3 states have call predecessors, (3), 3 states have call successors, (3) [2022-11-19 07:47:37,819 INFO L276 IsEmpty]: Start isEmpty. Operand 141 states and 174 transitions. [2022-11-19 07:47:37,821 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 36 [2022-11-19 07:47:37,821 INFO L187 NwaCegarLoop]: Found error trace [2022-11-19 07:47:37,821 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-19 07:47:37,821 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-11-19 07:47:37,822 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-19 07:47:37,822 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-19 07:47:37,822 INFO L85 PathProgramCache]: Analyzing trace with hash -1101283266, now seen corresponding path program 1 times [2022-11-19 07:47:37,823 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-19 07:47:37,823 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1354074739] [2022-11-19 07:47:37,823 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 07:47:37,823 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-19 07:47:37,836 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 07:47:38,169 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-19 07:47:38,169 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-19 07:47:38,169 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1354074739] [2022-11-19 07:47:38,170 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1354074739] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-19 07:47:38,170 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-19 07:47:38,170 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2022-11-19 07:47:38,172 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [931759981] [2022-11-19 07:47:38,173 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-19 07:47:38,175 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-11-19 07:47:38,176 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-19 07:47:38,176 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-11-19 07:47:38,176 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=17, Invalid=39, Unknown=0, NotChecked=0, Total=56 [2022-11-19 07:47:38,177 INFO L87 Difference]: Start difference. First operand 141 states and 174 transitions. Second operand has 8 states, 7 states have (on average 3.5714285714285716) internal successors, (25), 7 states have internal predecessors, (25), 4 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) [2022-11-19 07:47:38,683 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-19 07:47:38,683 INFO L93 Difference]: Finished difference Result 355 states and 448 transitions. [2022-11-19 07:47:38,684 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 15 states. [2022-11-19 07:47:38,684 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 3.5714285714285716) internal successors, (25), 7 states have internal predecessors, (25), 4 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) Word has length 35 [2022-11-19 07:47:38,684 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-19 07:47:38,697 INFO L225 Difference]: With dead ends: 355 [2022-11-19 07:47:38,698 INFO L226 Difference]: Without dead ends: 250 [2022-11-19 07:47:38,700 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 30 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=67, Invalid=143, Unknown=0, NotChecked=0, Total=210 [2022-11-19 07:47:38,701 INFO L413 NwaCegarLoop]: 63 mSDtfsCounter, 239 mSDsluCounter, 130 mSDsCounter, 0 mSdLazyCounter, 240 mSolverCounterSat, 106 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 244 SdHoareTripleChecker+Valid, 193 SdHoareTripleChecker+Invalid, 346 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 106 IncrementalHoareTripleChecker+Valid, 240 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-11-19 07:47:38,707 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [244 Valid, 193 Invalid, 346 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [106 Valid, 240 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2022-11-19 07:47:38,708 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 250 states. [2022-11-19 07:47:38,768 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 250 to 231. [2022-11-19 07:47:38,770 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 231 states, 154 states have (on average 1.2532467532467533) internal successors, (193), 171 states have internal predecessors, (193), 40 states have call successors, (40), 31 states have call predecessors, (40), 36 states have return successors, (55), 42 states have call predecessors, (55), 40 states have call successors, (55) [2022-11-19 07:47:38,775 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 231 states to 231 states and 288 transitions. [2022-11-19 07:47:38,775 INFO L78 Accepts]: Start accepts. Automaton has 231 states and 288 transitions. Word has length 35 [2022-11-19 07:47:38,775 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-19 07:47:38,776 INFO L495 AbstractCegarLoop]: Abstraction has 231 states and 288 transitions. [2022-11-19 07:47:38,776 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 7 states have (on average 3.5714285714285716) internal successors, (25), 7 states have internal predecessors, (25), 4 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) [2022-11-19 07:47:38,776 INFO L276 IsEmpty]: Start isEmpty. Operand 231 states and 288 transitions. [2022-11-19 07:47:38,785 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 53 [2022-11-19 07:47:38,785 INFO L187 NwaCegarLoop]: Found error trace [2022-11-19 07:47:38,785 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-19 07:47:38,786 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-11-19 07:47:38,787 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-19 07:47:38,787 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-19 07:47:38,788 INFO L85 PathProgramCache]: Analyzing trace with hash 1104355329, now seen corresponding path program 1 times [2022-11-19 07:47:38,788 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-19 07:47:38,788 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [430914428] [2022-11-19 07:47:38,788 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 07:47:38,788 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-19 07:47:38,820 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 07:47:38,890 INFO L134 CoverageAnalysis]: Checked inductivity of 19 backedges. 13 proven. 0 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2022-11-19 07:47:38,890 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-19 07:47:38,890 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [430914428] [2022-11-19 07:47:38,890 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [430914428] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-19 07:47:38,891 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-19 07:47:38,891 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-19 07:47:38,891 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [630963970] [2022-11-19 07:47:38,891 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-19 07:47:38,892 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-19 07:47:38,892 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-19 07:47:38,893 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-19 07:47:38,893 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-19 07:47:38,893 INFO L87 Difference]: Start difference. First operand 231 states and 288 transitions. Second operand has 3 states, 3 states have (on average 12.333333333333334) internal successors, (37), 3 states have internal predecessors, (37), 3 states have call successors, (7), 2 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 3 states have call successors, (6) [2022-11-19 07:47:38,964 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-19 07:47:38,965 INFO L93 Difference]: Finished difference Result 460 states and 580 transitions. [2022-11-19 07:47:38,965 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-19 07:47:38,965 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 12.333333333333334) internal successors, (37), 3 states have internal predecessors, (37), 3 states have call successors, (7), 2 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 3 states have call successors, (6) Word has length 52 [2022-11-19 07:47:38,966 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-19 07:47:38,967 INFO L225 Difference]: With dead ends: 460 [2022-11-19 07:47:38,967 INFO L226 Difference]: Without dead ends: 231 [2022-11-19 07:47:38,968 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-19 07:47:38,969 INFO L413 NwaCegarLoop]: 41 mSDtfsCounter, 37 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 15 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 37 SdHoareTripleChecker+Valid, 41 SdHoareTripleChecker+Invalid, 16 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 15 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-19 07:47:38,970 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [37 Valid, 41 Invalid, 16 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 15 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-19 07:47:38,971 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 231 states. [2022-11-19 07:47:39,000 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 231 to 231. [2022-11-19 07:47:39,001 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 231 states, 154 states have (on average 1.2207792207792207) internal successors, (188), 171 states have internal predecessors, (188), 40 states have call successors, (40), 31 states have call predecessors, (40), 36 states have return successors, (55), 42 states have call predecessors, (55), 40 states have call successors, (55) [2022-11-19 07:47:39,002 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 231 states to 231 states and 283 transitions. [2022-11-19 07:47:39,003 INFO L78 Accepts]: Start accepts. Automaton has 231 states and 283 transitions. Word has length 52 [2022-11-19 07:47:39,003 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-19 07:47:39,003 INFO L495 AbstractCegarLoop]: Abstraction has 231 states and 283 transitions. [2022-11-19 07:47:39,004 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 12.333333333333334) internal successors, (37), 3 states have internal predecessors, (37), 3 states have call successors, (7), 2 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 3 states have call successors, (6) [2022-11-19 07:47:39,004 INFO L276 IsEmpty]: Start isEmpty. Operand 231 states and 283 transitions. [2022-11-19 07:47:39,005 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 61 [2022-11-19 07:47:39,005 INFO L187 NwaCegarLoop]: Found error trace [2022-11-19 07:47:39,005 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-19 07:47:39,005 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-11-19 07:47:39,006 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-19 07:47:39,006 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-19 07:47:39,006 INFO L85 PathProgramCache]: Analyzing trace with hash 126587872, now seen corresponding path program 1 times [2022-11-19 07:47:39,007 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-19 07:47:39,007 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [124076856] [2022-11-19 07:47:39,007 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 07:47:39,007 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-19 07:47:39,021 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 07:47:39,080 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 16 proven. 2 refuted. 0 times theorem prover too weak. 9 trivial. 0 not checked. [2022-11-19 07:47:39,081 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-19 07:47:39,081 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [124076856] [2022-11-19 07:47:39,081 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [124076856] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-19 07:47:39,081 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [313839347] [2022-11-19 07:47:39,082 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 07:47:39,082 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-19 07:47:39,082 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a567cbcd-fc03-41de-b790-f38608d60337/bin/utaipan-I9t0OCRTmS/z3 [2022-11-19 07:47:39,085 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a567cbcd-fc03-41de-b790-f38608d60337/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-19 07:47:39,109 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a567cbcd-fc03-41de-b790-f38608d60337/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-11-19 07:47:39,189 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 07:47:39,192 INFO L263 TraceCheckSpWp]: Trace formula consists of 302 conjuncts, 4 conjunts are in the unsatisfiable core [2022-11-19 07:47:39,198 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-19 07:47:39,323 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 27 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-19 07:47:39,323 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-11-19 07:47:39,324 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [313839347] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-19 07:47:39,324 INFO L184 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2022-11-19 07:47:39,324 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [3] total 4 [2022-11-19 07:47:39,324 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2072564565] [2022-11-19 07:47:39,325 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-19 07:47:39,325 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-19 07:47:39,325 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-19 07:47:39,333 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-19 07:47:39,333 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=6, Invalid=6, Unknown=0, NotChecked=0, Total=12 [2022-11-19 07:47:39,334 INFO L87 Difference]: Start difference. First operand 231 states and 283 transitions. Second operand has 3 states, 3 states have (on average 15.0) internal successors, (45), 3 states have internal predecessors, (45), 3 states have call successors, (8), 3 states have call predecessors, (8), 3 states have return successors, (7), 3 states have call predecessors, (7), 3 states have call successors, (7) [2022-11-19 07:47:39,429 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-19 07:47:39,431 INFO L93 Difference]: Finished difference Result 344 states and 426 transitions. [2022-11-19 07:47:39,432 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-19 07:47:39,432 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 15.0) internal successors, (45), 3 states have internal predecessors, (45), 3 states have call successors, (8), 3 states have call predecessors, (8), 3 states have return successors, (7), 3 states have call predecessors, (7), 3 states have call successors, (7) Word has length 60 [2022-11-19 07:47:39,433 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-19 07:47:39,435 INFO L225 Difference]: With dead ends: 344 [2022-11-19 07:47:39,435 INFO L226 Difference]: Without dead ends: 221 [2022-11-19 07:47:39,436 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 63 GetRequests, 61 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=6, Invalid=6, Unknown=0, NotChecked=0, Total=12 [2022-11-19 07:47:39,438 INFO L413 NwaCegarLoop]: 65 mSDtfsCounter, 26 mSDsluCounter, 32 mSDsCounter, 0 mSdLazyCounter, 34 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 26 SdHoareTripleChecker+Valid, 97 SdHoareTripleChecker+Invalid, 35 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 34 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-19 07:47:39,439 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [26 Valid, 97 Invalid, 35 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 34 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-19 07:47:39,441 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 221 states. [2022-11-19 07:47:39,471 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 221 to 221. [2022-11-19 07:47:39,472 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 221 states, 147 states have (on average 1.1904761904761905) internal successors, (175), 163 states have internal predecessors, (175), 38 states have call successors, (38), 31 states have call predecessors, (38), 35 states have return successors, (45), 39 states have call predecessors, (45), 38 states have call successors, (45) [2022-11-19 07:47:39,475 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 221 states to 221 states and 258 transitions. [2022-11-19 07:47:39,475 INFO L78 Accepts]: Start accepts. Automaton has 221 states and 258 transitions. Word has length 60 [2022-11-19 07:47:39,477 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-19 07:47:39,477 INFO L495 AbstractCegarLoop]: Abstraction has 221 states and 258 transitions. [2022-11-19 07:47:39,477 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 15.0) internal successors, (45), 3 states have internal predecessors, (45), 3 states have call successors, (8), 3 states have call predecessors, (8), 3 states have return successors, (7), 3 states have call predecessors, (7), 3 states have call successors, (7) [2022-11-19 07:47:39,478 INFO L276 IsEmpty]: Start isEmpty. Operand 221 states and 258 transitions. [2022-11-19 07:47:39,480 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 64 [2022-11-19 07:47:39,480 INFO L187 NwaCegarLoop]: Found error trace [2022-11-19 07:47:39,482 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-19 07:47:39,497 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a567cbcd-fc03-41de-b790-f38608d60337/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2022-11-19 07:47:39,687 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6,2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a567cbcd-fc03-41de-b790-f38608d60337/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-19 07:47:39,688 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-19 07:47:39,688 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-19 07:47:39,688 INFO L85 PathProgramCache]: Analyzing trace with hash 1462786826, now seen corresponding path program 1 times [2022-11-19 07:47:39,688 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-19 07:47:39,688 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2139999713] [2022-11-19 07:47:39,689 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 07:47:39,689 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-19 07:47:39,711 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 07:47:39,807 INFO L134 CoverageAnalysis]: Checked inductivity of 25 backedges. 7 proven. 1 refuted. 0 times theorem prover too weak. 17 trivial. 0 not checked. [2022-11-19 07:47:39,807 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-19 07:47:39,808 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2139999713] [2022-11-19 07:47:39,808 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2139999713] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-19 07:47:39,808 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [629278335] [2022-11-19 07:47:39,808 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 07:47:39,809 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-19 07:47:39,809 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a567cbcd-fc03-41de-b790-f38608d60337/bin/utaipan-I9t0OCRTmS/z3 [2022-11-19 07:47:39,810 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a567cbcd-fc03-41de-b790-f38608d60337/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-19 07:47:39,839 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a567cbcd-fc03-41de-b790-f38608d60337/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2022-11-19 07:47:39,935 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 07:47:39,937 INFO L263 TraceCheckSpWp]: Trace formula consists of 307 conjuncts, 8 conjunts are in the unsatisfiable core [2022-11-19 07:47:39,944 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-19 07:47:40,090 INFO L134 CoverageAnalysis]: Checked inductivity of 25 backedges. 18 proven. 7 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-19 07:47:40,090 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-19 07:47:40,298 INFO L134 CoverageAnalysis]: Checked inductivity of 25 backedges. 13 proven. 6 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2022-11-19 07:47:40,298 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [629278335] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-19 07:47:40,299 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1898040893] [2022-11-19 07:47:40,322 INFO L159 IcfgInterpreter]: Started Sifa with 41 locations of interest [2022-11-19 07:47:40,323 INFO L166 IcfgInterpreter]: Building call graph [2022-11-19 07:47:40,334 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-19 07:47:40,339 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-19 07:47:40,340 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-19 07:47:43,216 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 50 for LOIs [2022-11-19 07:47:43,226 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 29 for LOIs [2022-11-19 07:47:43,570 INFO L197 IcfgInterpreter]: Interpreting procedure isPumpRunning with input of size 53 for LOIs [2022-11-19 07:47:43,581 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 72 for LOIs [2022-11-19 07:47:43,992 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__base with input of size 48 for LOIs [2022-11-19 07:47:43,997 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-19 07:47:49,217 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '4985#(and (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp~8#1| 2)) (= ~methaneLevelCritical~0 0) (= |timeShift_getWaterLevel_~retValue_acc~5#1| |timeShift_getWaterLevel_#res#1|) (<= 0 (+ 2147483648 |old(~pumpRunning~0)|)) (= ~head~0.offset 0) (<= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~3#1| 2147483647) (= |timeShift___utac_acc__Specification5_spec__3_~tmp~8#1| |timeShift_getWaterLevel_#res#1|) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~3#1| 0)) (<= |old(~pumpRunning~0)| 2147483647) (= 1 ~systemActive~0) (<= 0 (+ |timeShift___utac_acc__Specification5_spec__3_~tmp___0~3#1| 2147483648)) (= |timeShift_getWaterLevel_~retValue_acc~5#1| ~waterLevel~0) (<= 0 (+ 2147483648 |timeShift_getWaterLevel_#res#1|)) (= ~head~0.base 0) (= |#NULL.offset| 0) (<= |timeShift_getWaterLevel_~retValue_acc~5#1| 2147483647) (= ~switchedOnBeforeTS~0 0) (<= 0 |#StackHeapBarrier|) (= ~pumpRunning~0 |timeShift___utac_acc__Specification5_spec__3_~tmp___0~3#1|) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-19 07:47:49,217 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-19 07:47:49,217 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-19 07:47:49,217 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [6, 6, 6] total 11 [2022-11-19 07:47:49,217 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [488349568] [2022-11-19 07:47:49,218 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-19 07:47:49,218 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 11 states [2022-11-19 07:47:49,218 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-19 07:47:49,219 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 11 interpolants. [2022-11-19 07:47:49,219 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=192, Invalid=1530, Unknown=0, NotChecked=0, Total=1722 [2022-11-19 07:47:49,220 INFO L87 Difference]: Start difference. First operand 221 states and 258 transitions. Second operand has 11 states, 8 states have (on average 8.375) internal successors, (67), 9 states have internal predecessors, (67), 4 states have call successors, (15), 3 states have call predecessors, (15), 6 states have return successors, (17), 6 states have call predecessors, (17), 4 states have call successors, (17) [2022-11-19 07:47:50,056 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-19 07:47:50,057 INFO L93 Difference]: Finished difference Result 308 states and 364 transitions. [2022-11-19 07:47:50,057 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 22 states. [2022-11-19 07:47:50,057 INFO L78 Accepts]: Start accepts. Automaton has has 11 states, 8 states have (on average 8.375) internal successors, (67), 9 states have internal predecessors, (67), 4 states have call successors, (15), 3 states have call predecessors, (15), 6 states have return successors, (17), 6 states have call predecessors, (17), 4 states have call successors, (17) Word has length 63 [2022-11-19 07:47:50,059 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-19 07:47:50,065 INFO L225 Difference]: With dead ends: 308 [2022-11-19 07:47:50,066 INFO L226 Difference]: Without dead ends: 306 [2022-11-19 07:47:50,067 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 211 GetRequests, 153 SyntacticMatches, 4 SemanticMatches, 54 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 831 ImplicationChecksByTransitivity, 5.6s TimeCoverageRelationStatistics Valid=296, Invalid=2784, Unknown=0, NotChecked=0, Total=3080 [2022-11-19 07:47:50,070 INFO L413 NwaCegarLoop]: 133 mSDtfsCounter, 142 mSDsluCounter, 544 mSDsCounter, 0 mSdLazyCounter, 658 mSolverCounterSat, 62 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 148 SdHoareTripleChecker+Valid, 677 SdHoareTripleChecker+Invalid, 720 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 62 IncrementalHoareTripleChecker+Valid, 658 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.5s IncrementalHoareTripleChecker+Time [2022-11-19 07:47:50,071 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [148 Valid, 677 Invalid, 720 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [62 Valid, 658 Invalid, 0 Unknown, 0 Unchecked, 0.5s Time] [2022-11-19 07:47:50,072 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 306 states. [2022-11-19 07:47:50,106 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 306 to 279. [2022-11-19 07:47:50,108 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 279 states, 183 states have (on average 1.180327868852459) internal successors, (216), 205 states have internal predecessors, (216), 50 states have call successors, (50), 42 states have call predecessors, (50), 45 states have return successors, (61), 47 states have call predecessors, (61), 50 states have call successors, (61) [2022-11-19 07:47:50,110 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 279 states to 279 states and 327 transitions. [2022-11-19 07:47:50,110 INFO L78 Accepts]: Start accepts. Automaton has 279 states and 327 transitions. Word has length 63 [2022-11-19 07:47:50,111 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-19 07:47:50,111 INFO L495 AbstractCegarLoop]: Abstraction has 279 states and 327 transitions. [2022-11-19 07:47:50,111 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 11 states, 8 states have (on average 8.375) internal successors, (67), 9 states have internal predecessors, (67), 4 states have call successors, (15), 3 states have call predecessors, (15), 6 states have return successors, (17), 6 states have call predecessors, (17), 4 states have call successors, (17) [2022-11-19 07:47:50,111 INFO L276 IsEmpty]: Start isEmpty. Operand 279 states and 327 transitions. [2022-11-19 07:47:50,113 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 81 [2022-11-19 07:47:50,113 INFO L187 NwaCegarLoop]: Found error trace [2022-11-19 07:47:50,114 INFO L195 NwaCegarLoop]: trace histogram [4, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-19 07:47:50,120 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a567cbcd-fc03-41de-b790-f38608d60337/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2022-11-19 07:47:50,318 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7,3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a567cbcd-fc03-41de-b790-f38608d60337/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-19 07:47:50,319 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-19 07:47:50,319 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-19 07:47:50,319 INFO L85 PathProgramCache]: Analyzing trace with hash -393213066, now seen corresponding path program 1 times [2022-11-19 07:47:50,320 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-19 07:47:50,320 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [488021813] [2022-11-19 07:47:50,320 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 07:47:50,320 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-19 07:47:50,347 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 07:47:50,613 INFO L134 CoverageAnalysis]: Checked inductivity of 65 backedges. 33 proven. 3 refuted. 0 times theorem prover too weak. 29 trivial. 0 not checked. [2022-11-19 07:47:50,613 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-19 07:47:50,613 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [488021813] [2022-11-19 07:47:50,614 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [488021813] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-19 07:47:50,614 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2087463568] [2022-11-19 07:47:50,614 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 07:47:50,614 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-19 07:47:50,614 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a567cbcd-fc03-41de-b790-f38608d60337/bin/utaipan-I9t0OCRTmS/z3 [2022-11-19 07:47:50,615 INFO L229 MonitoredProcess]: Starting monitored process 4 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a567cbcd-fc03-41de-b790-f38608d60337/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-19 07:47:50,639 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a567cbcd-fc03-41de-b790-f38608d60337/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2022-11-19 07:47:50,727 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 07:47:50,729 INFO L263 TraceCheckSpWp]: Trace formula consists of 384 conjuncts, 18 conjunts are in the unsatisfiable core [2022-11-19 07:47:50,732 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-19 07:47:50,952 INFO L134 CoverageAnalysis]: Checked inductivity of 65 backedges. 58 proven. 3 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2022-11-19 07:47:50,953 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-19 07:47:51,325 INFO L134 CoverageAnalysis]: Checked inductivity of 65 backedges. 45 proven. 3 refuted. 0 times theorem prover too weak. 17 trivial. 0 not checked. [2022-11-19 07:47:51,326 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [2087463568] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-19 07:47:51,326 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [640595469] [2022-11-19 07:47:51,332 INFO L159 IcfgInterpreter]: Started Sifa with 37 locations of interest [2022-11-19 07:47:51,332 INFO L166 IcfgInterpreter]: Building call graph [2022-11-19 07:47:51,333 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-19 07:47:51,333 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-19 07:47:51,333 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-19 07:47:53,535 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 56 for LOIs [2022-11-19 07:47:53,545 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 30 for LOIs [2022-11-19 07:47:53,746 INFO L197 IcfgInterpreter]: Interpreting procedure isPumpRunning with input of size 55 for LOIs [2022-11-19 07:47:53,758 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 29 for LOIs [2022-11-19 07:47:53,783 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-19 07:47:57,979 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '6468#(and (<= 0 |old(~pumpRunning~0)|) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp~8#1| 2)) (= ~methaneLevelCritical~0 0) (= |timeShift_getWaterLevel_~retValue_acc~5#1| |timeShift_getWaterLevel_#res#1|) (= ~head~0.offset 0) (= |timeShift___utac_acc__Specification5_spec__3_~tmp~8#1| |timeShift_getWaterLevel_#res#1|) (<= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~3#1| 1) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~3#1| 0)) (<= |old(~pumpRunning~0)| 2147483647) (= 1 ~systemActive~0) (= |timeShift_getWaterLevel_~retValue_acc~5#1| ~waterLevel~0) (<= 0 (+ 2147483648 |timeShift_getWaterLevel_#res#1|)) (<= 0 ~pumpRunning~0) (= ~head~0.base 0) (= |#NULL.offset| 0) (<= |timeShift_getWaterLevel_~retValue_acc~5#1| 2147483647) (= ~switchedOnBeforeTS~0 0) (<= 0 |#StackHeapBarrier|) (= ~pumpRunning~0 |timeShift___utac_acc__Specification5_spec__3_~tmp___0~3#1|) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-19 07:47:57,979 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-19 07:47:57,979 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-19 07:47:57,979 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [7, 9, 9] total 20 [2022-11-19 07:47:57,979 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [936057297] [2022-11-19 07:47:57,979 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-19 07:47:57,980 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 20 states [2022-11-19 07:47:57,980 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-19 07:47:57,981 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 20 interpolants. [2022-11-19 07:47:57,982 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=259, Invalid=1997, Unknown=0, NotChecked=0, Total=2256 [2022-11-19 07:47:57,982 INFO L87 Difference]: Start difference. First operand 279 states and 327 transitions. Second operand has 20 states, 20 states have (on average 5.0) internal successors, (100), 20 states have internal predecessors, (100), 7 states have call successors, (18), 5 states have call predecessors, (18), 7 states have return successors, (19), 7 states have call predecessors, (19), 7 states have call successors, (19) [2022-11-19 07:47:59,700 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-19 07:47:59,700 INFO L93 Difference]: Finished difference Result 786 states and 1013 transitions. [2022-11-19 07:47:59,700 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 32 states. [2022-11-19 07:47:59,701 INFO L78 Accepts]: Start accepts. Automaton has has 20 states, 20 states have (on average 5.0) internal successors, (100), 20 states have internal predecessors, (100), 7 states have call successors, (18), 5 states have call predecessors, (18), 7 states have return successors, (19), 7 states have call predecessors, (19), 7 states have call successors, (19) Word has length 80 [2022-11-19 07:47:59,701 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-19 07:47:59,704 INFO L225 Difference]: With dead ends: 786 [2022-11-19 07:47:59,704 INFO L226 Difference]: Without dead ends: 515 [2022-11-19 07:47:59,707 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 293 GetRequests, 219 SyntacticMatches, 1 SemanticMatches, 73 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1794 ImplicationChecksByTransitivity, 5.2s TimeCoverageRelationStatistics Valid=631, Invalid=4919, Unknown=0, NotChecked=0, Total=5550 [2022-11-19 07:47:59,707 INFO L413 NwaCegarLoop]: 58 mSDtfsCounter, 379 mSDsluCounter, 343 mSDsCounter, 0 mSdLazyCounter, 1011 mSolverCounterSat, 272 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.7s Time, 0 mProtectedPredicate, 0 mProtectedAction, 382 SdHoareTripleChecker+Valid, 401 SdHoareTripleChecker+Invalid, 1283 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 272 IncrementalHoareTripleChecker+Valid, 1011 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.8s IncrementalHoareTripleChecker+Time [2022-11-19 07:47:59,708 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [382 Valid, 401 Invalid, 1283 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [272 Valid, 1011 Invalid, 0 Unknown, 0 Unchecked, 0.8s Time] [2022-11-19 07:47:59,709 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 515 states. [2022-11-19 07:47:59,748 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 515 to 324. [2022-11-19 07:47:59,749 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 324 states, 214 states have (on average 1.1401869158878504) internal successors, (244), 236 states have internal predecessors, (244), 54 states have call successors, (54), 49 states have call predecessors, (54), 55 states have return successors, (69), 55 states have call predecessors, (69), 54 states have call successors, (69) [2022-11-19 07:47:59,751 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 324 states to 324 states and 367 transitions. [2022-11-19 07:47:59,751 INFO L78 Accepts]: Start accepts. Automaton has 324 states and 367 transitions. Word has length 80 [2022-11-19 07:47:59,752 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-19 07:47:59,752 INFO L495 AbstractCegarLoop]: Abstraction has 324 states and 367 transitions. [2022-11-19 07:47:59,752 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 20 states, 20 states have (on average 5.0) internal successors, (100), 20 states have internal predecessors, (100), 7 states have call successors, (18), 5 states have call predecessors, (18), 7 states have return successors, (19), 7 states have call predecessors, (19), 7 states have call successors, (19) [2022-11-19 07:47:59,752 INFO L276 IsEmpty]: Start isEmpty. Operand 324 states and 367 transitions. [2022-11-19 07:47:59,753 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 86 [2022-11-19 07:47:59,753 INFO L187 NwaCegarLoop]: Found error trace [2022-11-19 07:47:59,754 INFO L195 NwaCegarLoop]: trace histogram [5, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-19 07:47:59,764 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a567cbcd-fc03-41de-b790-f38608d60337/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Forceful destruction successful, exit code 0 [2022-11-19 07:47:59,959 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 4 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a567cbcd-fc03-41de-b790-f38608d60337/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable8 [2022-11-19 07:47:59,960 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-19 07:47:59,960 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-19 07:47:59,960 INFO L85 PathProgramCache]: Analyzing trace with hash -87770958, now seen corresponding path program 1 times [2022-11-19 07:47:59,961 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-19 07:47:59,961 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1896289481] [2022-11-19 07:47:59,961 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 07:47:59,961 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-19 07:47:59,980 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 07:48:00,978 INFO L134 CoverageAnalysis]: Checked inductivity of 76 backedges. 15 proven. 36 refuted. 0 times theorem prover too weak. 25 trivial. 0 not checked. [2022-11-19 07:48:00,978 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-19 07:48:00,979 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1896289481] [2022-11-19 07:48:00,979 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1896289481] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-19 07:48:00,979 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [183817949] [2022-11-19 07:48:00,979 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 07:48:00,979 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-19 07:48:00,979 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a567cbcd-fc03-41de-b790-f38608d60337/bin/utaipan-I9t0OCRTmS/z3 [2022-11-19 07:48:00,983 INFO L229 MonitoredProcess]: Starting monitored process 5 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a567cbcd-fc03-41de-b790-f38608d60337/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-19 07:48:01,007 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a567cbcd-fc03-41de-b790-f38608d60337/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Waiting until timeout for monitored process [2022-11-19 07:48:01,091 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 07:48:01,094 INFO L263 TraceCheckSpWp]: Trace formula consists of 398 conjuncts, 38 conjunts are in the unsatisfiable core [2022-11-19 07:48:01,097 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-19 07:48:01,484 INFO L134 CoverageAnalysis]: Checked inductivity of 76 backedges. 55 proven. 15 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2022-11-19 07:48:01,485 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-19 07:48:02,151 INFO L134 CoverageAnalysis]: Checked inductivity of 76 backedges. 49 proven. 5 refuted. 0 times theorem prover too weak. 22 trivial. 0 not checked. [2022-11-19 07:48:02,151 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [183817949] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-19 07:48:02,151 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2034466907] [2022-11-19 07:48:02,153 INFO L159 IcfgInterpreter]: Started Sifa with 37 locations of interest [2022-11-19 07:48:02,153 INFO L166 IcfgInterpreter]: Building call graph [2022-11-19 07:48:02,154 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-19 07:48:02,154 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-19 07:48:02,154 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-19 07:48:04,235 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 35 for LOIs [2022-11-19 07:48:04,239 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 30 for LOIs [2022-11-19 07:48:04,530 INFO L197 IcfgInterpreter]: Interpreting procedure isPumpRunning with input of size 40 for LOIs [2022-11-19 07:48:04,535 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 26 for LOIs [2022-11-19 07:48:04,555 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-19 07:48:09,050 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '8856#(and (<= 0 |old(~pumpRunning~0)|) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp~8#1| 2)) (= |timeShift_getWaterLevel_~retValue_acc~5#1| |timeShift_getWaterLevel_#res#1|) (= ~head~0.offset 0) (<= 1 ~systemActive~0) (= |timeShift___utac_acc__Specification5_spec__3_~tmp~8#1| |timeShift_getWaterLevel_#res#1|) (<= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~3#1| 1) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~3#1| 0)) (<= |old(~pumpRunning~0)| 2147483647) (<= |#NULL.offset| 0) (= |timeShift_getWaterLevel_~retValue_acc~5#1| ~waterLevel~0) (<= ~methaneLevelCritical~0 0) (<= 0 ~head~0.base) (<= 0 (+ 2147483648 |timeShift_getWaterLevel_#res#1|)) (<= 0 ~methaneLevelCritical~0) (<= 0 ~pumpRunning~0) (<= ~head~0.base 0) (<= 0 |#NULL.offset|) (<= |timeShift_getWaterLevel_~retValue_acc~5#1| 2147483647) (= ~switchedOnBeforeTS~0 0) (<= 0 |#StackHeapBarrier|) (= ~pumpRunning~0 |timeShift___utac_acc__Specification5_spec__3_~tmp___0~3#1|) (<= ~systemActive~0 1) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-19 07:48:09,051 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-19 07:48:09,051 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-19 07:48:09,051 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [18, 12, 11] total 33 [2022-11-19 07:48:09,051 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1713774762] [2022-11-19 07:48:09,051 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-19 07:48:09,052 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 33 states [2022-11-19 07:48:09,052 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-19 07:48:09,053 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 33 interpolants. [2022-11-19 07:48:09,054 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=375, Invalid=3285, Unknown=0, NotChecked=0, Total=3660 [2022-11-19 07:48:09,054 INFO L87 Difference]: Start difference. First operand 324 states and 367 transitions. Second operand has 33 states, 32 states have (on average 4.40625) internal successors, (141), 32 states have internal predecessors, (141), 17 states have call successors, (26), 8 states have call predecessors, (26), 12 states have return successors, (24), 16 states have call predecessors, (24), 16 states have call successors, (24) [2022-11-19 07:48:12,684 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-19 07:48:12,684 INFO L93 Difference]: Finished difference Result 837 states and 990 transitions. [2022-11-19 07:48:12,685 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 52 states. [2022-11-19 07:48:12,685 INFO L78 Accepts]: Start accepts. Automaton has has 33 states, 32 states have (on average 4.40625) internal successors, (141), 32 states have internal predecessors, (141), 17 states have call successors, (26), 8 states have call predecessors, (26), 12 states have return successors, (24), 16 states have call predecessors, (24), 16 states have call successors, (24) Word has length 85 [2022-11-19 07:48:12,686 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-19 07:48:12,686 INFO L225 Difference]: With dead ends: 837 [2022-11-19 07:48:12,686 INFO L226 Difference]: Without dead ends: 0 [2022-11-19 07:48:12,691 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 351 GetRequests, 240 SyntacticMatches, 3 SemanticMatches, 108 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4372 ImplicationChecksByTransitivity, 6.7s TimeCoverageRelationStatistics Valid=1322, Invalid=10668, Unknown=0, NotChecked=0, Total=11990 [2022-11-19 07:48:12,692 INFO L413 NwaCegarLoop]: 100 mSDtfsCounter, 1210 mSDsluCounter, 838 mSDsCounter, 0 mSdLazyCounter, 2296 mSolverCounterSat, 897 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1210 SdHoareTripleChecker+Valid, 938 SdHoareTripleChecker+Invalid, 3193 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 897 IncrementalHoareTripleChecker+Valid, 2296 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.7s IncrementalHoareTripleChecker+Time [2022-11-19 07:48:12,692 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [1210 Valid, 938 Invalid, 3193 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [897 Valid, 2296 Invalid, 0 Unknown, 0 Unchecked, 1.7s Time] [2022-11-19 07:48:12,693 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-11-19 07:48:12,693 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-11-19 07:48:12,693 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-19 07:48:12,693 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-11-19 07:48:12,693 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 85 [2022-11-19 07:48:12,694 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-19 07:48:12,694 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-11-19 07:48:12,694 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 33 states, 32 states have (on average 4.40625) internal successors, (141), 32 states have internal predecessors, (141), 17 states have call successors, (26), 8 states have call predecessors, (26), 12 states have return successors, (24), 16 states have call predecessors, (24), 16 states have call successors, (24) [2022-11-19 07:48:12,694 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-11-19 07:48:12,694 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-11-19 07:48:12,697 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-11-19 07:48:12,708 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a567cbcd-fc03-41de-b790-f38608d60337/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Forceful destruction successful, exit code 0 [2022-11-19 07:48:12,903 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 5 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a567cbcd-fc03-41de-b790-f38608d60337/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2022-11-19 07:48:12,905 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-11-19 07:48:22,026 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 102 108) no Hoare annotation was computed. [2022-11-19 07:48:22,026 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 102 108) the Hoare annotation is: true [2022-11-19 07:48:22,027 INFO L902 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 377 388) the Hoare annotation is: true [2022-11-19 07:48:22,027 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 377 388) no Hoare annotation was computed. [2022-11-19 07:48:22,027 INFO L899 garLoopResultBuilder]: For program point L929(line 929) no Hoare annotation was computed. [2022-11-19 07:48:22,027 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 908 937) no Hoare annotation was computed. [2022-11-19 07:48:22,027 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 908 937) the Hoare annotation is: true [2022-11-19 07:48:22,027 INFO L899 garLoopResultBuilder]: For program point L922(lines 922 926) no Hoare annotation was computed. [2022-11-19 07:48:22,027 INFO L902 garLoopResultBuilder]: At program point L922-1(lines 922 926) the Hoare annotation is: true [2022-11-19 07:48:22,028 INFO L902 garLoopResultBuilder]: At program point L918-2(lines 918 932) the Hoare annotation is: true [2022-11-19 07:48:22,028 INFO L902 garLoopResultBuilder]: At program point L914(line 914) the Hoare annotation is: true [2022-11-19 07:48:22,028 INFO L899 garLoopResultBuilder]: For program point L914-1(line 914) no Hoare annotation was computed. [2022-11-19 07:48:22,028 INFO L902 garLoopResultBuilder]: At program point L933(lines 908 937) the Hoare annotation is: true [2022-11-19 07:48:22,029 INFO L895 garLoopResultBuilder]: At program point L155(line 155) the Hoare annotation is: (let ((.cse2 (= ~pumpRunning~0 0)) (.cse4 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse3 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse1 (= 0 ~systemActive~0))) (let ((.cse5 (not (<= |old(~waterLevel~0)| 2))) (.cse6 (not (<= 2 |old(~waterLevel~0)|))) (.cse8 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse7 (not (= |old(~pumpRunning~0)| 1))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse9 (not (< |old(~waterLevel~0)| 3))) (.cse10 (and .cse2 .cse4 .cse3 (not .cse1)))) (and (or .cse0 (not (= |old(~waterLevel~0)| 1)) .cse1 (and .cse2 (= ~waterLevel~0 1) .cse3)) (or .cse0 (and .cse2 .cse4 .cse3) .cse1 .cse5 .cse6) (or .cse7 .cse1 .cse5 .cse6) (or .cse8 .cse0 .cse1 .cse9 .cse10) (or .cse8 .cse7 .cse1 .cse9) (or .cse0 .cse1 (not (<= 1 |old(~switchedOnBeforeTS~0)|)) .cse9 .cse10)))) [2022-11-19 07:48:22,029 INFO L895 garLoopResultBuilder]: At program point L155-1(lines 136 160) the Hoare annotation is: (let ((.cse7 (= ~pumpRunning~0 0)) (.cse9 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse11 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse2 (= 0 ~systemActive~0)) (.cse12 (= ~pumpRunning~0 1))) (let ((.cse4 (and (<= 2 ~waterLevel~0) (<= ~waterLevel~0 2) .cse11 (not .cse2) .cse12)) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (and .cse7 .cse11 .cse9)) (.cse15 (not (<= |old(~waterLevel~0)| 0))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse5 (not (<= 2 |old(~waterLevel~0)|))) (.cse8 (= ~waterLevel~0 1)) (.cse10 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse6 (not (= |old(~waterLevel~0)| 1))) (.cse13 (not (= |old(~pumpRunning~0)| 1))) (.cse14 (<= 1 ~switchedOnBeforeTS~0))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (or .cse0 .cse1 .cse2 .cse4 (not (<= 1 |old(~switchedOnBeforeTS~0)|)) (not (< |old(~waterLevel~0)| 3))) (or .cse0 .cse6 .cse2 (and .cse7 .cse8 .cse9)) (or .cse10 (and .cse11 .cse9 .cse12) .cse13 (and .cse7 .cse11 .cse14) .cse2 .cse15) (or .cse10 .cse0 .cse1 .cse2 .cse15) (or .cse13 (and .cse8 .cse9 .cse12) .cse2 .cse3 .cse5 (and .cse7 .cse8 .cse14)) (let ((.cse16 (+ ~waterLevel~0 1))) (let ((.cse17 (or (and (= |old(~waterLevel~0)| .cse16) (< 0 |old(~waterLevel~0)|)) .cse11))) (or .cse10 .cse6 .cse13 (and .cse7 (<= .cse16 |old(~waterLevel~0)|) .cse17 .cse14) .cse2 (and (<= ~waterLevel~0 0) .cse17 .cse9 .cse12))))))) [2022-11-19 07:48:22,030 INFO L895 garLoopResultBuilder]: At program point L89-1(lines 89 95) the Hoare annotation is: (let ((.cse7 (= ~pumpRunning~0 0)) (.cse9 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse11 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse2 (= 0 ~systemActive~0)) (.cse12 (= ~pumpRunning~0 1))) (let ((.cse4 (and (<= 2 ~waterLevel~0) (<= ~waterLevel~0 2) .cse11 (not .cse2) .cse12)) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (and .cse7 .cse11 .cse9)) (.cse15 (not (<= |old(~waterLevel~0)| 0))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse5 (not (<= 2 |old(~waterLevel~0)|))) (.cse8 (= ~waterLevel~0 1)) (.cse10 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse6 (not (= |old(~waterLevel~0)| 1))) (.cse13 (not (= |old(~pumpRunning~0)| 1))) (.cse14 (<= 1 ~switchedOnBeforeTS~0))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (or .cse0 .cse1 .cse2 .cse4 (not (<= 1 |old(~switchedOnBeforeTS~0)|)) (not (< |old(~waterLevel~0)| 3))) (or .cse0 .cse6 .cse2 (and .cse7 .cse8 .cse9)) (or .cse10 (and .cse11 .cse9 .cse12) .cse13 (and .cse7 .cse11 .cse14) .cse2 .cse15) (or .cse10 .cse0 .cse1 .cse2 .cse15) (or .cse13 (and .cse8 .cse9 .cse12) .cse2 .cse3 .cse5 (and .cse7 .cse8 .cse14)) (let ((.cse16 (+ ~waterLevel~0 1))) (let ((.cse17 (or (and (= |old(~waterLevel~0)| .cse16) (< 0 |old(~waterLevel~0)|)) .cse11))) (or .cse10 .cse6 .cse13 (and .cse7 (<= .cse16 |old(~waterLevel~0)|) .cse17 .cse14) .cse2 (and (<= ~waterLevel~0 0) .cse17 .cse9 .cse12))))))) [2022-11-19 07:48:22,030 INFO L895 garLoopResultBuilder]: At program point L849(line 849) the Hoare annotation is: (let ((.cse11 (= ~pumpRunning~0 0)) (.cse6 (= |timeShift___utac_acc__Specification5_spec__3_~tmp~8#1| ~waterLevel~0)) (.cse16 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse8 (= ~pumpRunning~0 ~switchedOnBeforeTS~0))) (let ((.cse0 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse12 (<= 1 ~switchedOnBeforeTS~0)) (.cse5 (not (= |old(~pumpRunning~0)| 1))) (.cse9 (= ~pumpRunning~0 1)) (.cse2 (and .cse11 .cse6 .cse16 .cse8)) (.cse4 (not (< |old(~waterLevel~0)| 3))) (.cse10 (not (<= |old(~waterLevel~0)| 2))) (.cse13 (not (<= 2 |old(~waterLevel~0)|))) (.cse1 (not (= |old(~pumpRunning~0)| 0))) (.cse7 (= ~waterLevel~0 1)) (.cse3 (= 0 ~systemActive~0))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse5 (and .cse6 .cse7 .cse8 .cse9) .cse3 .cse10 (and .cse11 .cse6 .cse7 .cse12) .cse13) (let ((.cse15 (+ ~waterLevel~0 1))) (let ((.cse14 (or (and (= |old(~waterLevel~0)| .cse15) (< 0 |old(~waterLevel~0)|)) .cse16))) (or .cse0 (not (<= |old(~waterLevel~0)| 1)) (and .cse11 .cse6 .cse14 (or (<= |old(~waterLevel~0)| 0) (<= .cse15 |old(~waterLevel~0)|)) .cse12) .cse5 (and (<= ~waterLevel~0 0) .cse6 .cse14 .cse8 .cse9) .cse3))) (or .cse1 .cse2 .cse3 (not (<= 1 |old(~switchedOnBeforeTS~0)|)) .cse4) (or .cse1 .cse3 .cse10 .cse13) (or .cse1 (not (= |old(~waterLevel~0)| 1)) (and .cse11 .cse6 .cse7 .cse8) .cse3)))) [2022-11-19 07:48:22,030 INFO L899 garLoopResultBuilder]: For program point L849-1(line 849) no Hoare annotation was computed. [2022-11-19 07:48:22,030 INFO L899 garLoopResultBuilder]: For program point L82-2(lines 78 100) no Hoare annotation was computed. [2022-11-19 07:48:22,031 INFO L895 garLoopResultBuilder]: At program point L144(lines 144 152) the Hoare annotation is: (let ((.cse2 (not (< |old(~waterLevel~0)| 3))) (.cse3 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse5 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse6 (= ~pumpRunning~0 1)) (.cse4 (not (= |old(~pumpRunning~0)| 1))) (.cse7 (not (<= |old(~waterLevel~0)| 2))) (.cse8 (not (<= 2 |old(~waterLevel~0)|))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse9 (not (= |old(~waterLevel~0)| 1))) (.cse1 (= 0 ~systemActive~0))) (and (or .cse0 .cse1 (not (<= 1 |old(~switchedOnBeforeTS~0)|)) .cse2) (or .cse3 .cse0 .cse1 .cse2) (or .cse4 (and (= ~waterLevel~0 1) .cse5 .cse6) .cse1 .cse7 .cse8) (or .cse3 .cse9 .cse4 .cse1 (and (= |old(~waterLevel~0)| (+ ~waterLevel~0 1)) .cse5 .cse6)) (or .cse3 (and (= |old(~waterLevel~0)| ~waterLevel~0) .cse5 .cse6) .cse4 .cse1 (not (<= |old(~waterLevel~0)| 0))) (or .cse0 .cse1 .cse7 .cse8) (or .cse0 .cse9 .cse1))) [2022-11-19 07:48:22,031 INFO L895 garLoopResultBuilder]: At program point L140(lines 140 157) the Hoare annotation is: (let ((.cse2 (= ~pumpRunning~0 0)) (.cse5 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse4 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse1 (= 0 ~systemActive~0))) (let ((.cse3 (= ~waterLevel~0 1)) (.cse6 (not (<= |old(~waterLevel~0)| 2))) (.cse7 (not (<= 2 |old(~waterLevel~0)|))) (.cse10 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse8 (not (= |old(~pumpRunning~0)| 1))) (.cse9 (= ~pumpRunning~0 1)) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse11 (not (< |old(~waterLevel~0)| 3))) (.cse12 (and .cse2 .cse5 .cse4 (not .cse1)))) (and (or .cse0 (not (= |old(~waterLevel~0)| 1)) .cse1 (and .cse2 .cse3 .cse4)) (or .cse0 (and .cse2 .cse5 .cse4) .cse1 .cse6 .cse7) (or .cse8 (and .cse3 .cse4 .cse9) .cse1 .cse6 .cse7) (or .cse10 .cse0 .cse1 .cse11 .cse12) (or .cse10 (not (<= |old(~waterLevel~0)| 1)) .cse8 .cse1 (and (<= ~waterLevel~0 0) (or (and (= |old(~waterLevel~0)| (+ ~waterLevel~0 1)) (< 0 |old(~waterLevel~0)|)) .cse5) .cse4 .cse9)) (or .cse0 .cse1 (not (<= 1 |old(~switchedOnBeforeTS~0)|)) .cse11 .cse12)))) [2022-11-19 07:48:22,032 INFO L895 garLoopResultBuilder]: At program point L834(line 834) the Hoare annotation is: (let ((.cse7 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse3 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse8 (not (<= |old(~waterLevel~0)| 2))) (.cse9 (not (<= 2 |old(~waterLevel~0)|))) (.cse0 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse1 (not (= |old(~pumpRunning~0)| 1))) (.cse10 (and .cse7 (= ~pumpRunning~0 1))) (.cse4 (not (< |old(~waterLevel~0)| 3))) (.cse5 (not (= |old(~pumpRunning~0)| 0))) (.cse6 (= ~pumpRunning~0 0)) (.cse2 (= 0 ~systemActive~0))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse0 .cse5 (and .cse6 .cse7 .cse3) .cse2 .cse4) (or .cse5 (and .cse6 .cse7 (<= 1 ~switchedOnBeforeTS~0)) .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|)) .cse4) (or .cse5 (and .cse6 .cse7) .cse2 .cse8 .cse9) (or .cse1 .cse2 .cse8 .cse10 .cse9) (or .cse0 .cse1 .cse2 .cse10 .cse4) (or .cse5 (not (= |old(~waterLevel~0)| 1)) (and .cse6 (= ~waterLevel~0 1)) .cse2)))) [2022-11-19 07:48:22,032 INFO L895 garLoopResultBuilder]: At program point L834-1(line 834) the Hoare annotation is: (let ((.cse3 (= 0 ~systemActive~0)) (.cse11 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse12 (= ~waterLevel~0 1))) (let ((.cse9 (= ~pumpRunning~0 0)) (.cse10 (= ~pumpRunning~0 |timeShift___utac_acc__Specification5_spec__2_#t~ret49#1|)) (.cse16 (or .cse11 .cse12)) (.cse17 (not .cse3))) (let ((.cse13 (and .cse9 .cse10 .cse16 (<= 1 ~switchedOnBeforeTS~0) .cse17)) (.cse15 (and .cse9 .cse10 .cse16 (= ~pumpRunning~0 ~switchedOnBeforeTS~0) .cse17))) (let ((.cse7 (not (<= |old(~waterLevel~0)| 2))) (.cse8 (not (<= 2 |old(~waterLevel~0)|))) (.cse0 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse5 (and .cse10 .cse11 (= ~pumpRunning~0 1))) (.cse6 (not (= |old(~pumpRunning~0)| 1))) (.cse4 (not (< |old(~waterLevel~0)| 3))) (.cse1 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (and .cse11 (or .cse13 .cse15))) (.cse14 (not (<= 1 |old(~switchedOnBeforeTS~0)|)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse5 .cse6 .cse3 .cse7 .cse8) (or .cse1 (and .cse9 .cse10 .cse11) .cse3 .cse7 .cse8) (or .cse1 (not (= |old(~waterLevel~0)| 1)) (and .cse9 .cse10 .cse12) .cse3) (or .cse0 .cse5 .cse6 .cse3 .cse4) (or .cse1 .cse13 .cse3 .cse14 .cse15 .cse4) (or (not (<= |old(~waterLevel~0)| 1)) .cse1 .cse2 .cse3 .cse14)))))) [2022-11-19 07:48:22,032 INFO L895 garLoopResultBuilder]: At program point L54(line 54) the Hoare annotation is: (let ((.cse5 (not (<= |old(~waterLevel~0)| 2))) (.cse6 (not (<= 2 |old(~waterLevel~0)|))) (.cse3 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse4 (not (= |old(~pumpRunning~0)| 1))) (.cse2 (not (< |old(~waterLevel~0)| 3))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= 0 ~systemActive~0))) (and (or .cse0 .cse1 (not (<= 1 |old(~switchedOnBeforeTS~0)|)) .cse2) (or .cse3 .cse0 .cse1 .cse2) (or .cse4 .cse1 .cse5 .cse6) (or .cse0 .cse1 .cse5 .cse6) (or .cse3 .cse4 .cse1 .cse2) (or .cse0 (not (= |old(~waterLevel~0)| 1)) .cse1))) [2022-11-19 07:48:22,033 INFO L899 garLoopResultBuilder]: For program point L851(lines 851 861) no Hoare annotation was computed. [2022-11-19 07:48:22,033 INFO L899 garLoopResultBuilder]: For program point L847(lines 847 864) no Hoare annotation was computed. [2022-11-19 07:48:22,033 INFO L895 garLoopResultBuilder]: At program point L847-1(lines 839 867) the Hoare annotation is: (let ((.cse4 (= ~pumpRunning~0 1)) (.cse7 (= ~pumpRunning~0 0)) (.cse1 (= |timeShift___utac_acc__Specification5_spec__3_~tmp~8#1| ~waterLevel~0)) (.cse13 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse3 (= ~pumpRunning~0 ~switchedOnBeforeTS~0))) (let ((.cse8 (<= 1 ~switchedOnBeforeTS~0)) (.cse0 (not (= |old(~pumpRunning~0)| 1))) (.cse6 (not (<= |old(~waterLevel~0)| 2))) (.cse9 (not (<= 2 |old(~waterLevel~0)|))) (.cse10 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse15 (and .cse7 .cse1 .cse13 .cse3)) (.cse16 (and (<= 2 ~waterLevel~0) .cse1 .cse13 .cse4)) (.cse17 (not (< |old(~waterLevel~0)| 3))) (.cse14 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (= ~waterLevel~0 1)) (.cse5 (= 0 ~systemActive~0))) (and (or .cse0 (and .cse1 .cse2 .cse3 .cse4) .cse5 .cse6 (and .cse7 .cse1 .cse2 .cse8) .cse9) (let ((.cse12 (+ ~waterLevel~0 1))) (let ((.cse11 (or (and (= |old(~waterLevel~0)| .cse12) (< 0 |old(~waterLevel~0)|)) .cse13))) (or .cse10 (not (<= |old(~waterLevel~0)| 1)) (and .cse7 .cse1 .cse11 (or (<= |old(~waterLevel~0)| 0) (<= .cse12 |old(~waterLevel~0)|)) .cse8) .cse0 (and (<= ~waterLevel~0 0) .cse1 .cse11 .cse3 .cse4) .cse5))) (or .cse14 (and .cse1 .cse13 .cse4) .cse15 .cse5 .cse6 .cse9) (or .cse10 .cse14 .cse15 .cse16 .cse5 .cse17) (or .cse14 .cse15 .cse16 .cse5 (not (<= 1 |old(~switchedOnBeforeTS~0)|)) .cse17) (or .cse14 (not (= |old(~waterLevel~0)| 1)) (and .cse7 .cse1 .cse2 .cse3) .cse5)))) [2022-11-19 07:48:22,034 INFO L895 garLoopResultBuilder]: At program point L150(line 150) the Hoare annotation is: (let ((.cse2 (not (< |old(~waterLevel~0)| 3))) (.cse3 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse5 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse6 (= ~pumpRunning~0 1)) (.cse4 (not (= |old(~pumpRunning~0)| 1))) (.cse7 (not (<= |old(~waterLevel~0)| 2))) (.cse8 (not (<= 2 |old(~waterLevel~0)|))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse9 (not (= |old(~waterLevel~0)| 1))) (.cse1 (= 0 ~systemActive~0))) (and (or .cse0 .cse1 (not (<= 1 |old(~switchedOnBeforeTS~0)|)) .cse2) (or .cse3 .cse0 .cse1 .cse2) (or .cse4 (and (= ~waterLevel~0 1) .cse5 .cse6) .cse1 .cse7 .cse8) (or .cse3 .cse9 .cse4 .cse1 (and (= |old(~waterLevel~0)| (+ ~waterLevel~0 1)) .cse5 .cse6)) (or .cse3 (and (= |old(~waterLevel~0)| ~waterLevel~0) .cse5 .cse6) .cse4 .cse1 (not (<= |old(~waterLevel~0)| 0))) (or .cse0 .cse1 .cse7 .cse8) (or .cse0 .cse9 .cse1))) [2022-11-19 07:48:22,034 INFO L899 garLoopResultBuilder]: For program point L852(lines 852 858) no Hoare annotation was computed. [2022-11-19 07:48:22,034 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 75 101) the Hoare annotation is: (let ((.cse7 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse3 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse8 (not (<= |old(~waterLevel~0)| 2))) (.cse9 (not (<= 2 |old(~waterLevel~0)|))) (.cse0 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse1 (not (= |old(~pumpRunning~0)| 1))) (.cse10 (and .cse7 (= ~pumpRunning~0 1))) (.cse4 (not (< |old(~waterLevel~0)| 3))) (.cse5 (not (= |old(~pumpRunning~0)| 0))) (.cse6 (= ~pumpRunning~0 0)) (.cse2 (= 0 ~systemActive~0))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse0 .cse5 (and .cse6 .cse7 .cse3) .cse2 .cse4) (or .cse5 (and .cse6 .cse7 (<= 1 ~switchedOnBeforeTS~0)) .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|)) .cse4) (or .cse5 (and .cse6 .cse7) .cse2 .cse8 .cse9) (or .cse1 .cse2 .cse8 .cse10 .cse9) (or .cse0 .cse1 .cse2 .cse10 .cse4) (or .cse5 (not (= |old(~waterLevel~0)| 1)) (and .cse6 (= ~waterLevel~0 1)) .cse2)))) [2022-11-19 07:48:22,034 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 75 101) no Hoare annotation was computed. [2022-11-19 07:48:22,035 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 54) no Hoare annotation was computed. [2022-11-19 07:48:22,035 INFO L895 garLoopResultBuilder]: At program point L341(lines 292 342) the Hoare annotation is: false [2022-11-19 07:48:22,035 INFO L895 garLoopResultBuilder]: At program point L990(lines 990 997) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_main_~tmp~9#1| 1) (= ~waterLevel~0 1) (= ~pumpRunning~0 ~switchedOnBeforeTS~0) (not (= 0 ~systemActive~0))) [2022-11-19 07:48:22,035 INFO L902 garLoopResultBuilder]: At program point ULTIMATE.startENTRY(line -1) the Hoare annotation is: true [2022-11-19 07:48:22,035 INFO L902 garLoopResultBuilder]: At program point L990-2(lines 990 997) the Hoare annotation is: true [2022-11-19 07:48:22,035 INFO L899 garLoopResultBuilder]: For program point L313(lines 313 319) no Hoare annotation was computed. [2022-11-19 07:48:22,036 INFO L895 garLoopResultBuilder]: At program point L313-1(lines 313 319) the Hoare annotation is: (let ((.cse6 (<= 2 ~waterLevel~0)) (.cse7 (<= ~waterLevel~0 2)) (.cse3 (< ~waterLevel~0 3)) (.cse4 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse8 (= ~pumpRunning~0 1)) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_main_~tmp~9#1| 1)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse5 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (and .cse0 .cse6 .cse1 .cse2 .cse7 .cse5) (and .cse6 .cse1 .cse2 .cse7 .cse5 .cse8) (and .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0) .cse3 .cse5) (and .cse1 .cse2 .cse3 .cse4 .cse5 .cse8) (and .cse0 .cse1 .cse2 (= ~waterLevel~0 1) .cse5))) [2022-11-19 07:48:22,036 INFO L895 garLoopResultBuilder]: At program point L338(lines 293 340) the Hoare annotation is: (let ((.cse3 (<= ~waterLevel~0 2)) (.cse4 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse6 (= ~pumpRunning~0 1)) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_main_~tmp~9#1| 1)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse5 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (and (<= 2 ~waterLevel~0) .cse1 .cse2 .cse3 .cse5 .cse6) (and .cse0 (<= ~waterLevel~0 1) .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0) .cse5) (and .cse1 .cse2 (< ~waterLevel~0 3) .cse4 .cse5 .cse6) (and .cse0 .cse1 .cse2 (= ~waterLevel~0 1) .cse5))) [2022-11-19 07:48:22,036 INFO L895 garLoopResultBuilder]: At program point L305(line 305) the Hoare annotation is: (let ((.cse3 (< ~waterLevel~0 3)) (.cse4 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse8 (= ~pumpRunning~0 1)) (.cse1 (= |ULTIMATE.start_main_~tmp~9#1| 1)) (.cse0 (= ~pumpRunning~0 0)) (.cse6 (<= 2 ~waterLevel~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse7 (<= ~waterLevel~0 2)) (.cse5 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (and .cse6 .cse1 .cse2 .cse7 .cse5 .cse8) (and .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0) .cse3 .cse5) (and .cse1 .cse2 .cse3 .cse4 .cse5 .cse8) (and .cse1 (or (and .cse0 .cse2 (= ~waterLevel~0 1)) (and .cse0 .cse6 .cse2 .cse7)) .cse5))) [2022-11-19 07:48:22,036 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-11-19 07:48:22,037 INFO L895 garLoopResultBuilder]: At program point L331-2(lines 323 336) the Hoare annotation is: (let ((.cse6 (<= 2 ~waterLevel~0)) (.cse7 (<= ~waterLevel~0 2)) (.cse3 (< ~waterLevel~0 3)) (.cse4 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse8 (= ~pumpRunning~0 1)) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_main_~tmp~9#1| 1)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse5 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (and .cse0 .cse6 .cse1 .cse2 .cse7 .cse5) (and .cse6 .cse1 .cse2 .cse7 .cse5 .cse8) (and .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0) .cse3 .cse5) (and .cse1 .cse2 .cse3 .cse4 .cse5 .cse8) (and .cse0 .cse1 .cse2 (= ~waterLevel~0 1) .cse5))) [2022-11-19 07:48:22,037 INFO L899 garLoopResultBuilder]: For program point L294(lines 293 340) no Hoare annotation was computed. [2022-11-19 07:48:22,037 INFO L895 garLoopResultBuilder]: At program point L315(line 315) the Hoare annotation is: (let ((.cse6 (<= 2 ~waterLevel~0)) (.cse7 (<= ~waterLevel~0 2)) (.cse3 (< ~waterLevel~0 3)) (.cse4 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse8 (= ~pumpRunning~0 1)) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_main_~tmp~9#1| 1)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse5 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (and .cse0 .cse6 .cse1 .cse2 .cse7 .cse5) (and .cse6 .cse1 .cse2 .cse7 .cse5 .cse8) (and .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0) .cse3 .cse5) (and .cse1 .cse2 .cse3 .cse4 .cse5 .cse8) (and .cse0 .cse1 .cse2 (= ~waterLevel~0 1) .cse5))) [2022-11-19 07:48:22,037 INFO L902 garLoopResultBuilder]: At program point L344(lines 283 348) the Hoare annotation is: true [2022-11-19 07:48:22,037 INFO L899 garLoopResultBuilder]: For program point L303(lines 303 309) no Hoare annotation was computed. [2022-11-19 07:48:22,038 INFO L899 garLoopResultBuilder]: For program point L303-1(lines 303 309) no Hoare annotation was computed. [2022-11-19 07:48:22,038 INFO L895 garLoopResultBuilder]: At program point processEnvironment__wrappee__highWaterSensorENTRY(lines 110 134) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 1))) (.cse3 (= ~pumpRunning~0 1)) (.cse1 (= 0 ~systemActive~0)) (.cse2 (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|)))) (and (or (not (= ~waterLevel~0 1)) .cse0 .cse1 .cse2 .cse3) (or (not (<= ~waterLevel~0 0)) .cse0 .cse1 .cse2 .cse3) (or (not (= |old(~pumpRunning~0)| 0)) (not (<= ~waterLevel~0 2)) .cse1 (= ~pumpRunning~0 ~switchedOnBeforeTS~0) .cse2))) [2022-11-19 07:48:22,038 INFO L895 garLoopResultBuilder]: At program point L124(line 124) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 1))) (.cse3 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= 0 ~systemActive~0)) (.cse2 (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|)))) (and (or (not (<= ~waterLevel~0 0)) .cse0 .cse1 .cse2) (or (not (= ~waterLevel~0 1)) .cse0 .cse1 .cse2) (or .cse3 (not (<= ~waterLevel~0 2)) .cse1 (= ~pumpRunning~0 ~switchedOnBeforeTS~0) .cse2) (or .cse3 (= |processEnvironment__wrappee__highWaterSensor_~tmp~0#1| 0) (not (<= ~waterLevel~0 1)) .cse1 .cse2))) [2022-11-19 07:48:22,038 INFO L895 garLoopResultBuilder]: At program point L118(lines 118 126) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 1))) (.cse3 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= 0 ~systemActive~0)) (.cse2 (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|)))) (and (or (not (<= ~waterLevel~0 0)) .cse0 .cse1 .cse2) (or (not (= ~waterLevel~0 1)) .cse0 .cse1 .cse2) (or .cse3 (not (<= ~waterLevel~0 2)) .cse1 (= ~pumpRunning~0 ~switchedOnBeforeTS~0) .cse2) (or .cse3 (= |processEnvironment__wrappee__highWaterSensor_~tmp~0#1| 0) (not (<= ~waterLevel~0 1)) .cse1 .cse2))) [2022-11-19 07:48:22,039 INFO L895 garLoopResultBuilder]: At program point L114(lines 114 131) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 1))) (.cse3 (= ~pumpRunning~0 1)) (.cse1 (= 0 ~systemActive~0)) (.cse2 (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|)))) (and (or (not (= ~waterLevel~0 1)) .cse0 .cse1 .cse2 .cse3) (or (not (<= ~waterLevel~0 0)) .cse0 .cse1 .cse2 .cse3) (or (not (= |old(~pumpRunning~0)| 0)) (not (<= ~waterLevel~0 2)) .cse1 (= ~pumpRunning~0 ~switchedOnBeforeTS~0) .cse2))) [2022-11-19 07:48:22,039 INFO L895 garLoopResultBuilder]: At program point L129(line 129) the Hoare annotation is: (let ((.cse2 (not (= |old(~pumpRunning~0)| 1))) (.cse0 (= 0 ~systemActive~0)) (.cse1 (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|))) (.cse3 (= ~pumpRunning~0 1))) (and (or (not (= |old(~pumpRunning~0)| 0)) .cse0 (not (< ~waterLevel~0 3)) .cse1) (or (not (= ~waterLevel~0 1)) .cse2 .cse0 .cse1 .cse3) (or (not (<= ~waterLevel~0 0)) .cse2 .cse0 .cse1 .cse3))) [2022-11-19 07:48:22,039 INFO L899 garLoopResultBuilder]: For program point L129-1(lines 110 134) no Hoare annotation was computed. [2022-11-19 07:48:22,039 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__highWaterSensorEXIT(lines 110 134) no Hoare annotation was computed. [2022-11-19 07:48:22,039 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 365 376) no Hoare annotation was computed. [2022-11-19 07:48:22,040 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 365 376) the Hoare annotation is: (let ((.cse1 (not (<= |old(~waterLevel~0)| 2))) (.cse2 (not (<= 2 |old(~waterLevel~0)|))) (.cse0 (not (= ~pumpRunning~0 0))) (.cse6 (not (= ~pumpRunning~0 1))) (.cse5 (not (= ~pumpRunning~0 ~switchedOnBeforeTS~0))) (.cse3 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse4 (= 0 ~systemActive~0))) (and (or (and (or .cse0 .cse1 .cse2) (or .cse0 (not (= |old(~waterLevel~0)| 1)))) .cse3 .cse4) (or .cse0 .cse5 .cse3 .cse4 (not (<= |old(~waterLevel~0)| 0))) (or .cse6 .cse3 .cse4 .cse1 .cse2) (or (not (<= |old(~waterLevel~0)| 1)) .cse0 .cse3 .cse4 (not (<= 1 ~switchedOnBeforeTS~0))) (or .cse6 .cse5 .cse3 .cse4 (not (< |old(~waterLevel~0)| 3))))) [2022-11-19 07:48:22,040 INFO L899 garLoopResultBuilder]: For program point isPumpRunningEXIT(lines 188 196) no Hoare annotation was computed. [2022-11-19 07:48:22,040 INFO L902 garLoopResultBuilder]: At program point isPumpRunningENTRY(lines 188 196) the Hoare annotation is: true [2022-11-19 07:48:22,043 INFO L444 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-19 07:48:22,046 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2022-11-19 07:48:22,084 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 19.11 07:48:22 BoogieIcfgContainer [2022-11-19 07:48:22,085 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-11-19 07:48:22,085 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-11-19 07:48:22,085 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-11-19 07:48:22,086 INFO L275 PluginConnector]: Witness Printer initialized [2022-11-19 07:48:22,086 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 19.11 07:47:35" (3/4) ... [2022-11-19 07:48:22,089 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-11-19 07:48:22,095 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-11-19 07:48:22,096 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-11-19 07:48:22,096 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-11-19 07:48:22,096 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-11-19 07:48:22,096 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2022-11-19 07:48:22,096 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-11-19 07:48:22,097 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2022-11-19 07:48:22,107 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 49 nodes and edges [2022-11-19 07:48:22,108 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 13 nodes and edges [2022-11-19 07:48:22,108 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-11-19 07:48:22,109 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-19 07:48:22,109 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-19 07:48:22,141 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(pumpRunning) == 0)) || (\old(waterLevel) == waterLevel && (((((pumpRunning == 0 && pumpRunning == aux-isPumpRunning()-aux) && (\old(waterLevel) == waterLevel || waterLevel == 1)) && 1 <= switchedOnBeforeTS) && !(0 == systemActive)) || ((((pumpRunning == 0 && pumpRunning == aux-isPumpRunning()-aux) && (\old(waterLevel) == waterLevel || waterLevel == 1)) && pumpRunning == switchedOnBeforeTS) && !(0 == systemActive))))) || 0 == systemActive) || !(\old(waterLevel) < 3)) && ((((((pumpRunning == aux-isPumpRunning()-aux && \old(waterLevel) == waterLevel) && pumpRunning == 1) || !(\old(pumpRunning) == 1)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && pumpRunning == aux-isPumpRunning()-aux) && \old(waterLevel) == waterLevel)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || ((pumpRunning == 0 && pumpRunning == aux-isPumpRunning()-aux) && waterLevel == 1)) || 0 == systemActive)) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || ((pumpRunning == aux-isPumpRunning()-aux && \old(waterLevel) == waterLevel) && pumpRunning == 1)) || !(\old(pumpRunning) == 1)) || 0 == systemActive) || !(\old(waterLevel) < 3))) && (((((!(\old(pumpRunning) == 0) || ((((pumpRunning == 0 && pumpRunning == aux-isPumpRunning()-aux) && (\old(waterLevel) == waterLevel || waterLevel == 1)) && 1 <= switchedOnBeforeTS) && !(0 == systemActive))) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) || ((((pumpRunning == 0 && pumpRunning == aux-isPumpRunning()-aux) && (\old(waterLevel) == waterLevel || waterLevel == 1)) && pumpRunning == switchedOnBeforeTS) && !(0 == systemActive))) || !(\old(waterLevel) < 3))) && ((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || (\old(waterLevel) == waterLevel && (((((pumpRunning == 0 && pumpRunning == aux-isPumpRunning()-aux) && (\old(waterLevel) == waterLevel || waterLevel == 1)) && 1 <= switchedOnBeforeTS) && !(0 == systemActive)) || ((((pumpRunning == 0 && pumpRunning == aux-isPumpRunning()-aux) && (\old(waterLevel) == waterLevel || waterLevel == 1)) && pumpRunning == switchedOnBeforeTS) && !(0 == systemActive))))) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) [2022-11-19 07:48:22,142 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || ((((2 <= waterLevel && waterLevel <= 2) && \old(waterLevel) == waterLevel) && !(0 == systemActive)) && pumpRunning == 1)) || !(2 <= \old(waterLevel))) && (((((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || 0 == systemActive) || ((((2 <= waterLevel && waterLevel <= 2) && \old(waterLevel) == waterLevel) && !(0 == systemActive)) && pumpRunning == 1)) || !(1 <= \old(switchedOnBeforeTS))) || !(\old(waterLevel) < 3))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive) || ((pumpRunning == 0 && waterLevel == 1) && pumpRunning == switchedOnBeforeTS))) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || ((\old(waterLevel) == waterLevel && pumpRunning == switchedOnBeforeTS) && pumpRunning == 1)) || !(\old(pumpRunning) == 1)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(\old(waterLevel) <= 0))) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(pumpRunning) == 0)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || 0 == systemActive) || !(\old(waterLevel) <= 0))) && (((((!(\old(pumpRunning) == 1) || ((waterLevel == 1 && pumpRunning == switchedOnBeforeTS) && pumpRunning == 1)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) || ((pumpRunning == 0 && waterLevel == 1) && 1 <= switchedOnBeforeTS))) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) == 1)) || !(\old(pumpRunning) == 1)) || (((pumpRunning == 0 && waterLevel + 1 <= \old(waterLevel)) && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || (((waterLevel <= 0 && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && pumpRunning == switchedOnBeforeTS) && pumpRunning == 1)) [2022-11-19 07:48:22,142 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((!(\old(pumpRunning) == 1) || (((tmp == waterLevel && waterLevel == 1) && pumpRunning == switchedOnBeforeTS) && pumpRunning == 1)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || (((pumpRunning == 0 && tmp == waterLevel) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(2 <= \old(waterLevel))) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || ((((pumpRunning == 0 && tmp == waterLevel) && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && (\old(waterLevel) <= 0 || waterLevel + 1 <= \old(waterLevel))) && 1 <= switchedOnBeforeTS)) || !(\old(pumpRunning) == 1)) || ((((waterLevel <= 0 && tmp == waterLevel) && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && pumpRunning == switchedOnBeforeTS) && pumpRunning == 1)) || 0 == systemActive)) && (((((!(\old(pumpRunning) == 0) || ((tmp == waterLevel && \old(waterLevel) == waterLevel) && pumpRunning == 1)) || (((pumpRunning == 0 && tmp == waterLevel) && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(pumpRunning) == 0)) || (((pumpRunning == 0 && tmp == waterLevel) && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || (((2 <= waterLevel && tmp == waterLevel) && \old(waterLevel) == waterLevel) && pumpRunning == 1)) || 0 == systemActive) || !(\old(waterLevel) < 3))) && (((((!(\old(pumpRunning) == 0) || (((pumpRunning == 0 && tmp == waterLevel) && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || (((2 <= waterLevel && tmp == waterLevel) && \old(waterLevel) == waterLevel) && pumpRunning == 1)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) || !(\old(waterLevel) < 3))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (((pumpRunning == 0 && tmp == waterLevel) && waterLevel == 1) && pumpRunning == switchedOnBeforeTS)) || 0 == systemActive) [2022-11-19 07:48:22,143 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive) || ((pumpRunning == 0 && waterLevel == 1) && pumpRunning == switchedOnBeforeTS)) && ((((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((!(\old(pumpRunning) == 1) || ((waterLevel == 1 && pumpRunning == switchedOnBeforeTS) && pumpRunning == 1)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(pumpRunning) == 0)) || 0 == systemActive) || !(\old(waterLevel) < 3)) || (((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS) && !(0 == systemActive)))) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || !(\old(pumpRunning) == 1)) || 0 == systemActive) || (((waterLevel <= 0 && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && pumpRunning == switchedOnBeforeTS) && pumpRunning == 1))) && ((((!(\old(pumpRunning) == 0) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) || !(\old(waterLevel) < 3)) || (((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS) && !(0 == systemActive))) [2022-11-19 07:48:22,143 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!(\old(pumpRunning) == 0) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) || !(\old(waterLevel) < 3)) && (((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(pumpRunning) == 0)) || 0 == systemActive) || !(\old(waterLevel) < 3))) && (((!(\old(pumpRunning) == 1) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && (((!(\old(pumpRunning) == 0) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && (((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(pumpRunning) == 1)) || 0 == systemActive) || !(\old(waterLevel) < 3))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive) [2022-11-19 07:48:22,143 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || ((((2 <= waterLevel && waterLevel <= 2) && \old(waterLevel) == waterLevel) && !(0 == systemActive)) && pumpRunning == 1)) || !(2 <= \old(waterLevel))) && (((((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || 0 == systemActive) || ((((2 <= waterLevel && waterLevel <= 2) && \old(waterLevel) == waterLevel) && !(0 == systemActive)) && pumpRunning == 1)) || !(1 <= \old(switchedOnBeforeTS))) || !(\old(waterLevel) < 3))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive) || ((pumpRunning == 0 && waterLevel == 1) && pumpRunning == switchedOnBeforeTS))) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || ((\old(waterLevel) == waterLevel && pumpRunning == switchedOnBeforeTS) && pumpRunning == 1)) || !(\old(pumpRunning) == 1)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(\old(waterLevel) <= 0))) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(pumpRunning) == 0)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || 0 == systemActive) || !(\old(waterLevel) <= 0))) && (((((!(\old(pumpRunning) == 1) || ((waterLevel == 1 && pumpRunning == switchedOnBeforeTS) && pumpRunning == 1)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) || ((pumpRunning == 0 && waterLevel == 1) && 1 <= switchedOnBeforeTS))) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) == 1)) || !(\old(pumpRunning) == 1)) || (((pumpRunning == 0 && waterLevel + 1 <= \old(waterLevel)) && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || (((waterLevel <= 0 && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && pumpRunning == switchedOnBeforeTS) && pumpRunning == 1)) [2022-11-19 07:48:22,143 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(waterLevel == 1) || !(\old(pumpRunning) == 1)) || 0 == systemActive) || !(switchedOnBeforeTS == \old(pumpRunning))) || pumpRunning == 1) && ((((!(waterLevel <= 0) || !(\old(pumpRunning) == 1)) || 0 == systemActive) || !(switchedOnBeforeTS == \old(pumpRunning))) || pumpRunning == 1)) && ((((!(\old(pumpRunning) == 0) || !(waterLevel <= 2)) || 0 == systemActive) || pumpRunning == switchedOnBeforeTS) || !(switchedOnBeforeTS == \old(pumpRunning))) [2022-11-19 07:48:22,144 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((!(\old(pumpRunning) == 0) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) || !(\old(waterLevel) < 3)) && (((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(pumpRunning) == 0)) || 0 == systemActive) || !(\old(waterLevel) < 3))) && ((((!(\old(pumpRunning) == 1) || ((waterLevel == 1 && pumpRunning == switchedOnBeforeTS) && pumpRunning == 1)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) == 1)) || !(\old(pumpRunning) == 1)) || 0 == systemActive) || ((\old(waterLevel) == waterLevel + 1 && pumpRunning == switchedOnBeforeTS) && pumpRunning == 1))) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || ((\old(waterLevel) == waterLevel && pumpRunning == switchedOnBeforeTS) && pumpRunning == 1)) || !(\old(pumpRunning) == 1)) || 0 == systemActive) || !(\old(waterLevel) <= 0))) && (((!(\old(pumpRunning) == 0) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive) [2022-11-19 07:48:22,145 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(waterLevel <= 0) || !(\old(pumpRunning) == 1)) || 0 == systemActive) || !(switchedOnBeforeTS == \old(pumpRunning))) && (((!(waterLevel == 1) || !(\old(pumpRunning) == 1)) || 0 == systemActive) || !(switchedOnBeforeTS == \old(pumpRunning)))) && ((((!(\old(pumpRunning) == 0) || !(waterLevel <= 2)) || 0 == systemActive) || pumpRunning == switchedOnBeforeTS) || !(switchedOnBeforeTS == \old(pumpRunning)))) && ((((!(\old(pumpRunning) == 0) || tmp == 0) || !(waterLevel <= 1)) || 0 == systemActive) || !(switchedOnBeforeTS == \old(pumpRunning))) [2022-11-19 07:48:22,177 INFO L141 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a567cbcd-fc03-41de-b790-f38608d60337/bin/utaipan-I9t0OCRTmS/witness.graphml [2022-11-19 07:48:22,178 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-11-19 07:48:22,179 INFO L158 Benchmark]: Toolchain (without parser) took 48020.94ms. Allocated memory was 111.1MB in the beginning and 490.7MB in the end (delta: 379.6MB). Free memory was 68.8MB in the beginning and 356.4MB in the end (delta: -287.5MB). Peak memory consumption was 90.6MB. Max. memory is 16.1GB. [2022-11-19 07:48:22,179 INFO L158 Benchmark]: CDTParser took 0.30ms. Allocated memory is still 111.1MB. Free memory is still 86.4MB. There was no memory consumed. Max. memory is 16.1GB. [2022-11-19 07:48:22,179 INFO L158 Benchmark]: CACSL2BoogieTranslator took 577.15ms. Allocated memory is still 111.1MB. Free memory was 68.6MB in the beginning and 78.7MB in the end (delta: -10.1MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2022-11-19 07:48:22,180 INFO L158 Benchmark]: Boogie Procedure Inliner took 57.54ms. Allocated memory is still 111.1MB. Free memory was 78.7MB in the beginning and 76.6MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-19 07:48:22,180 INFO L158 Benchmark]: Boogie Preprocessor took 30.18ms. Allocated memory is still 111.1MB. Free memory was 76.6MB in the beginning and 74.7MB in the end (delta: 1.9MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-19 07:48:22,180 INFO L158 Benchmark]: RCFGBuilder took 633.76ms. Allocated memory is still 111.1MB. Free memory was 74.7MB in the beginning and 49.3MB in the end (delta: 25.4MB). Peak memory consumption was 25.2MB. Max. memory is 16.1GB. [2022-11-19 07:48:22,181 INFO L158 Benchmark]: TraceAbstraction took 46620.77ms. Allocated memory was 111.1MB in the beginning and 490.7MB in the end (delta: 379.6MB). Free memory was 48.5MB in the beginning and 361.6MB in the end (delta: -313.1MB). Peak memory consumption was 260.6MB. Max. memory is 16.1GB. [2022-11-19 07:48:22,182 INFO L158 Benchmark]: Witness Printer took 92.52ms. Allocated memory is still 490.7MB. Free memory was 361.6MB in the beginning and 356.4MB in the end (delta: 5.2MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2022-11-19 07:48:22,184 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.30ms. Allocated memory is still 111.1MB. Free memory is still 86.4MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 577.15ms. Allocated memory is still 111.1MB. Free memory was 68.6MB in the beginning and 78.7MB in the end (delta: -10.1MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 57.54ms. Allocated memory is still 111.1MB. Free memory was 78.7MB in the beginning and 76.6MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 30.18ms. Allocated memory is still 111.1MB. Free memory was 76.6MB in the beginning and 74.7MB in the end (delta: 1.9MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 633.76ms. Allocated memory is still 111.1MB. Free memory was 74.7MB in the beginning and 49.3MB in the end (delta: 25.4MB). Peak memory consumption was 25.2MB. Max. memory is 16.1GB. * TraceAbstraction took 46620.77ms. Allocated memory was 111.1MB in the beginning and 490.7MB in the end (delta: 379.6MB). Free memory was 48.5MB in the beginning and 361.6MB in the end (delta: -313.1MB). Peak memory consumption was 260.6MB. Max. memory is 16.1GB. * Witness Printer took 92.52ms. Allocated memory is still 490.7MB. Free memory was 361.6MB in the beginning and 356.4MB in the end (delta: 5.2MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 54]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 8 procedures, 58 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 46.5s, OverallIterations: 10, TraceHistogramMax: 5, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 7.9s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 9.1s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 2234 SdHoareTripleChecker+Valid, 3.9s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 2211 mSDsluCounter, 3131 SdHoareTripleChecker+Invalid, 3.2s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 2446 mSDsCounter, 1382 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 4684 IncrementalHoareTripleChecker+Invalid, 6066 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 1382 mSolverCounterUnsat, 685 mSDtfsCounter, 4684 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 977 GetRequests, 691 SyntacticMatches, 8 SemanticMatches, 278 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 7096 ImplicationChecksByTransitivity, 17.9s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=324occurred in iteration=9, InterpolantAutomatonStates: 158, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.3s AutomataMinimizationTime, 10 MinimizatonAttempts, 255 StatesRemovedByMinimization, 5 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 36 LocationsWithAnnotation, 1121 PreInvPairs, 1351 NumberOfFragments, 3332 HoareAnnotationTreeSize, 1121 FomulaSimplifications, 10131 FormulaSimplificationTreeSizeReduction, 0.7s HoareSimplificationTime, 36 FomulaSimplificationsInter, 26137 FormulaSimplificationTreeSizeReductionInter, 8.3s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.4s SatisfiabilityAnalysisTime, 4.9s InterpolantComputationTime, 762 NumberOfCodeBlocks, 762 NumberOfCodeBlocksAsserted, 14 NumberOfCheckSat, 973 ConstructedInterpolants, 0 QuantifiedInterpolants, 3055 SizeOfPredicates, 31 NumberOfNonLiveVariables, 1391 ConjunctsInSsa, 68 ConjunctsInUnsatCore, 17 InterpolantComputations, 7 PerfectInterpolantSequences, 500/581 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 114]: Loop Invariant Derived loop invariant: (((((!(waterLevel == 1) || !(\old(pumpRunning) == 1)) || 0 == systemActive) || !(switchedOnBeforeTS == \old(pumpRunning))) || pumpRunning == 1) && ((((!(waterLevel <= 0) || !(\old(pumpRunning) == 1)) || 0 == systemActive) || !(switchedOnBeforeTS == \old(pumpRunning))) || pumpRunning == 1)) && ((((!(\old(pumpRunning) == 0) || !(waterLevel <= 2)) || 0 == systemActive) || pumpRunning == switchedOnBeforeTS) || !(switchedOnBeforeTS == \old(pumpRunning))) - InvariantResult [Line: -1]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 136]: Loop Invariant Derived loop invariant: ((((((((((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || ((((2 <= waterLevel && waterLevel <= 2) && \old(waterLevel) == waterLevel) && !(0 == systemActive)) && pumpRunning == 1)) || !(2 <= \old(waterLevel))) && (((((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || 0 == systemActive) || ((((2 <= waterLevel && waterLevel <= 2) && \old(waterLevel) == waterLevel) && !(0 == systemActive)) && pumpRunning == 1)) || !(1 <= \old(switchedOnBeforeTS))) || !(\old(waterLevel) < 3))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive) || ((pumpRunning == 0 && waterLevel == 1) && pumpRunning == switchedOnBeforeTS))) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || ((\old(waterLevel) == waterLevel && pumpRunning == switchedOnBeforeTS) && pumpRunning == 1)) || !(\old(pumpRunning) == 1)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(\old(waterLevel) <= 0))) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(pumpRunning) == 0)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || 0 == systemActive) || !(\old(waterLevel) <= 0))) && (((((!(\old(pumpRunning) == 1) || ((waterLevel == 1 && pumpRunning == switchedOnBeforeTS) && pumpRunning == 1)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) || ((pumpRunning == 0 && waterLevel == 1) && 1 <= switchedOnBeforeTS))) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) == 1)) || !(\old(pumpRunning) == 1)) || (((pumpRunning == 0 && waterLevel + 1 <= \old(waterLevel)) && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || (((waterLevel <= 0 && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && pumpRunning == switchedOnBeforeTS) && pumpRunning == 1)) - InvariantResult [Line: 54]: Loop Invariant Derived loop invariant: (((((((!(\old(pumpRunning) == 0) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) || !(\old(waterLevel) < 3)) && (((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(pumpRunning) == 0)) || 0 == systemActive) || !(\old(waterLevel) < 3))) && (((!(\old(pumpRunning) == 1) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && (((!(\old(pumpRunning) == 0) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && (((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(pumpRunning) == 1)) || 0 == systemActive) || !(\old(waterLevel) < 3))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive) - InvariantResult [Line: 293]: Loop Invariant Derived loop invariant: ((((((((pumpRunning == 0 && tmp == 1) && splverifierCounter == 0) && waterLevel <= 2) && pumpRunning == switchedOnBeforeTS) && !(0 == systemActive)) || (((((2 <= waterLevel && tmp == 1) && splverifierCounter == 0) && waterLevel <= 2) && !(0 == systemActive)) && pumpRunning == 1)) || (((((pumpRunning == 0 && waterLevel <= 1) && tmp == 1) && splverifierCounter == 0) && 1 <= switchedOnBeforeTS) && !(0 == systemActive))) || (((((tmp == 1 && splverifierCounter == 0) && waterLevel < 3) && pumpRunning == switchedOnBeforeTS) && !(0 == systemActive)) && pumpRunning == 1)) || ((((pumpRunning == 0 && tmp == 1) && splverifierCounter == 0) && waterLevel == 1) && !(0 == systemActive)) - InvariantResult [Line: 990]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 313]: Loop Invariant Derived loop invariant: (((((((((pumpRunning == 0 && tmp == 1) && splverifierCounter == 0) && waterLevel < 3) && pumpRunning == switchedOnBeforeTS) && !(0 == systemActive)) || (((((pumpRunning == 0 && 2 <= waterLevel) && tmp == 1) && splverifierCounter == 0) && waterLevel <= 2) && !(0 == systemActive))) || (((((2 <= waterLevel && tmp == 1) && splverifierCounter == 0) && waterLevel <= 2) && !(0 == systemActive)) && pumpRunning == 1)) || (((((pumpRunning == 0 && tmp == 1) && splverifierCounter == 0) && 1 <= switchedOnBeforeTS) && waterLevel < 3) && !(0 == systemActive))) || (((((tmp == 1 && splverifierCounter == 0) && waterLevel < 3) && pumpRunning == switchedOnBeforeTS) && !(0 == systemActive)) && pumpRunning == 1)) || ((((pumpRunning == 0 && tmp == 1) && splverifierCounter == 0) && waterLevel == 1) && !(0 == systemActive)) - InvariantResult [Line: 144]: Loop Invariant Derived loop invariant: ((((((((!(\old(pumpRunning) == 0) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) || !(\old(waterLevel) < 3)) && (((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(pumpRunning) == 0)) || 0 == systemActive) || !(\old(waterLevel) < 3))) && ((((!(\old(pumpRunning) == 1) || ((waterLevel == 1 && pumpRunning == switchedOnBeforeTS) && pumpRunning == 1)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) == 1)) || !(\old(pumpRunning) == 1)) || 0 == systemActive) || ((\old(waterLevel) == waterLevel + 1 && pumpRunning == switchedOnBeforeTS) && pumpRunning == 1))) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || ((\old(waterLevel) == waterLevel && pumpRunning == switchedOnBeforeTS) && pumpRunning == 1)) || !(\old(pumpRunning) == 1)) || 0 == systemActive) || !(\old(waterLevel) <= 0))) && (((!(\old(pumpRunning) == 0) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive) - InvariantResult [Line: 292]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 140]: Loop Invariant Derived loop invariant: (((((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive) || ((pumpRunning == 0 && waterLevel == 1) && pumpRunning == switchedOnBeforeTS)) && ((((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((!(\old(pumpRunning) == 1) || ((waterLevel == 1 && pumpRunning == switchedOnBeforeTS) && pumpRunning == 1)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(pumpRunning) == 0)) || 0 == systemActive) || !(\old(waterLevel) < 3)) || (((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS) && !(0 == systemActive)))) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || !(\old(pumpRunning) == 1)) || 0 == systemActive) || (((waterLevel <= 0 && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && pumpRunning == switchedOnBeforeTS) && pumpRunning == 1))) && ((((!(\old(pumpRunning) == 0) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) || !(\old(waterLevel) < 3)) || (((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS) && !(0 == systemActive))) - InvariantResult [Line: 89]: Loop Invariant Derived loop invariant: ((((((((((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || ((((2 <= waterLevel && waterLevel <= 2) && \old(waterLevel) == waterLevel) && !(0 == systemActive)) && pumpRunning == 1)) || !(2 <= \old(waterLevel))) && (((((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || 0 == systemActive) || ((((2 <= waterLevel && waterLevel <= 2) && \old(waterLevel) == waterLevel) && !(0 == systemActive)) && pumpRunning == 1)) || !(1 <= \old(switchedOnBeforeTS))) || !(\old(waterLevel) < 3))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive) || ((pumpRunning == 0 && waterLevel == 1) && pumpRunning == switchedOnBeforeTS))) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || ((\old(waterLevel) == waterLevel && pumpRunning == switchedOnBeforeTS) && pumpRunning == 1)) || !(\old(pumpRunning) == 1)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(\old(waterLevel) <= 0))) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(pumpRunning) == 0)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || 0 == systemActive) || !(\old(waterLevel) <= 0))) && (((((!(\old(pumpRunning) == 1) || ((waterLevel == 1 && pumpRunning == switchedOnBeforeTS) && pumpRunning == 1)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) || ((pumpRunning == 0 && waterLevel == 1) && 1 <= switchedOnBeforeTS))) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) == 1)) || !(\old(pumpRunning) == 1)) || (((pumpRunning == 0 && waterLevel + 1 <= \old(waterLevel)) && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || (((waterLevel <= 0 && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && pumpRunning == switchedOnBeforeTS) && pumpRunning == 1)) - InvariantResult [Line: 834]: Loop Invariant Derived loop invariant: (((((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(pumpRunning) == 0)) || (\old(waterLevel) == waterLevel && (((((pumpRunning == 0 && pumpRunning == aux-isPumpRunning()-aux) && (\old(waterLevel) == waterLevel || waterLevel == 1)) && 1 <= switchedOnBeforeTS) && !(0 == systemActive)) || ((((pumpRunning == 0 && pumpRunning == aux-isPumpRunning()-aux) && (\old(waterLevel) == waterLevel || waterLevel == 1)) && pumpRunning == switchedOnBeforeTS) && !(0 == systemActive))))) || 0 == systemActive) || !(\old(waterLevel) < 3)) && ((((((pumpRunning == aux-isPumpRunning()-aux && \old(waterLevel) == waterLevel) && pumpRunning == 1) || !(\old(pumpRunning) == 1)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && pumpRunning == aux-isPumpRunning()-aux) && \old(waterLevel) == waterLevel)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || ((pumpRunning == 0 && pumpRunning == aux-isPumpRunning()-aux) && waterLevel == 1)) || 0 == systemActive)) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || ((pumpRunning == aux-isPumpRunning()-aux && \old(waterLevel) == waterLevel) && pumpRunning == 1)) || !(\old(pumpRunning) == 1)) || 0 == systemActive) || !(\old(waterLevel) < 3))) && (((((!(\old(pumpRunning) == 0) || ((((pumpRunning == 0 && pumpRunning == aux-isPumpRunning()-aux) && (\old(waterLevel) == waterLevel || waterLevel == 1)) && 1 <= switchedOnBeforeTS) && !(0 == systemActive))) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) || ((((pumpRunning == 0 && pumpRunning == aux-isPumpRunning()-aux) && (\old(waterLevel) == waterLevel || waterLevel == 1)) && pumpRunning == switchedOnBeforeTS) && !(0 == systemActive))) || !(\old(waterLevel) < 3))) && ((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || (\old(waterLevel) == waterLevel && (((((pumpRunning == 0 && pumpRunning == aux-isPumpRunning()-aux) && (\old(waterLevel) == waterLevel || waterLevel == 1)) && 1 <= switchedOnBeforeTS) && !(0 == systemActive)) || ((((pumpRunning == 0 && pumpRunning == aux-isPumpRunning()-aux) && (\old(waterLevel) == waterLevel || waterLevel == 1)) && pumpRunning == switchedOnBeforeTS) && !(0 == systemActive))))) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) - InvariantResult [Line: 118]: Loop Invariant Derived loop invariant: (((((!(waterLevel <= 0) || !(\old(pumpRunning) == 1)) || 0 == systemActive) || !(switchedOnBeforeTS == \old(pumpRunning))) && (((!(waterLevel == 1) || !(\old(pumpRunning) == 1)) || 0 == systemActive) || !(switchedOnBeforeTS == \old(pumpRunning)))) && ((((!(\old(pumpRunning) == 0) || !(waterLevel <= 2)) || 0 == systemActive) || pumpRunning == switchedOnBeforeTS) || !(switchedOnBeforeTS == \old(pumpRunning)))) && ((((!(\old(pumpRunning) == 0) || tmp == 0) || !(waterLevel <= 1)) || 0 == systemActive) || !(switchedOnBeforeTS == \old(pumpRunning))) - InvariantResult [Line: 990]: Loop Invariant Derived loop invariant: (((pumpRunning == 0 && tmp == 1) && waterLevel == 1) && pumpRunning == switchedOnBeforeTS) && !(0 == systemActive) - InvariantResult [Line: 908]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 283]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 918]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 839]: Loop Invariant Derived loop invariant: (((((((((!(\old(pumpRunning) == 1) || (((tmp == waterLevel && waterLevel == 1) && pumpRunning == switchedOnBeforeTS) && pumpRunning == 1)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || (((pumpRunning == 0 && tmp == waterLevel) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(2 <= \old(waterLevel))) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || ((((pumpRunning == 0 && tmp == waterLevel) && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && (\old(waterLevel) <= 0 || waterLevel + 1 <= \old(waterLevel))) && 1 <= switchedOnBeforeTS)) || !(\old(pumpRunning) == 1)) || ((((waterLevel <= 0 && tmp == waterLevel) && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && pumpRunning == switchedOnBeforeTS) && pumpRunning == 1)) || 0 == systemActive)) && (((((!(\old(pumpRunning) == 0) || ((tmp == waterLevel && \old(waterLevel) == waterLevel) && pumpRunning == 1)) || (((pumpRunning == 0 && tmp == waterLevel) && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(pumpRunning) == 0)) || (((pumpRunning == 0 && tmp == waterLevel) && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || (((2 <= waterLevel && tmp == waterLevel) && \old(waterLevel) == waterLevel) && pumpRunning == 1)) || 0 == systemActive) || !(\old(waterLevel) < 3))) && (((((!(\old(pumpRunning) == 0) || (((pumpRunning == 0 && tmp == waterLevel) && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || (((2 <= waterLevel && tmp == waterLevel) && \old(waterLevel) == waterLevel) && pumpRunning == 1)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) || !(\old(waterLevel) < 3))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (((pumpRunning == 0 && tmp == waterLevel) && waterLevel == 1) && pumpRunning == switchedOnBeforeTS)) || 0 == systemActive) RESULT: Ultimate proved your program to be correct! [2022-11-19 07:48:22,243 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a567cbcd-fc03-41de-b790-f38608d60337/bin/utaipan-I9t0OCRTmS/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE