./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec1_product59.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 4e7fbc69 Calling Ultimate with: /usr/lib/jvm/java-1.11.0-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_0c60c6ea-e915-40bc-9fb0-5f26e59e7187/bin/utaipan-Q6hlc19bkW/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_0c60c6ea-e915-40bc-9fb0-5f26e59e7187/bin/utaipan-Q6hlc19bkW/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_0c60c6ea-e915-40bc-9fb0-5f26e59e7187/bin/utaipan-Q6hlc19bkW/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_0c60c6ea-e915-40bc-9fb0-5f26e59e7187/bin/utaipan-Q6hlc19bkW/config/TaipanReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec1_product59.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_0c60c6ea-e915-40bc-9fb0-5f26e59e7187/bin/utaipan-Q6hlc19bkW/config/svcomp-Reach-32bit-Taipan_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_0c60c6ea-e915-40bc-9fb0-5f26e59e7187/bin/utaipan-Q6hlc19bkW --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Taipan --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 5a0a9a5f1521df25ea0ff390c35c7186e45318cd30c225704d83030e156744fb --- Real Ultimate output --- [0.001s][warning][os,container] Duplicate cpuset controllers detected. Picking /sys/fs/cgroup/cpuset, skipping /sys/fs/cgroup/cpuset. This is Ultimate 0.2.2-dev-4e7fbc6 [2022-11-23 14:13:40,687 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-11-23 14:13:40,689 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-11-23 14:13:40,710 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-11-23 14:13:40,710 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-11-23 14:13:40,711 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-11-23 14:13:40,713 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-11-23 14:13:40,715 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-11-23 14:13:40,717 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-11-23 14:13:40,718 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-11-23 14:13:40,719 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-11-23 14:13:40,721 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-11-23 14:13:40,721 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-11-23 14:13:40,723 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-11-23 14:13:40,724 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-11-23 14:13:40,725 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-11-23 14:13:40,726 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-11-23 14:13:40,728 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-11-23 14:13:40,730 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-11-23 14:13:40,732 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-11-23 14:13:40,734 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-11-23 14:13:40,735 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-11-23 14:13:40,737 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-11-23 14:13:40,738 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-11-23 14:13:40,742 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-11-23 14:13:40,742 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-11-23 14:13:40,743 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-11-23 14:13:40,744 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-11-23 14:13:40,744 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-11-23 14:13:40,746 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-11-23 14:13:40,746 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-11-23 14:13:40,747 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-11-23 14:13:40,748 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-11-23 14:13:40,749 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-11-23 14:13:40,750 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-11-23 14:13:40,751 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-11-23 14:13:40,752 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-11-23 14:13:40,752 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-11-23 14:13:40,753 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-11-23 14:13:40,754 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-11-23 14:13:40,755 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-11-23 14:13:40,756 INFO L101 SettingsManager]: Beginning loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_0c60c6ea-e915-40bc-9fb0-5f26e59e7187/bin/utaipan-Q6hlc19bkW/config/svcomp-Reach-32bit-Taipan_Default.epf [2022-11-23 14:13:40,781 INFO L113 SettingsManager]: Loading preferences was successful [2022-11-23 14:13:40,781 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-11-23 14:13:40,781 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-11-23 14:13:40,782 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-11-23 14:13:40,782 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-11-23 14:13:40,783 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-11-23 14:13:40,783 INFO L138 SettingsManager]: * User list type=DISABLED [2022-11-23 14:13:40,783 INFO L136 SettingsManager]: Preferences of Abstract Interpretation differ from their defaults: [2022-11-23 14:13:40,784 INFO L138 SettingsManager]: * Explicit value domain=true [2022-11-23 14:13:40,784 INFO L138 SettingsManager]: * Abstract domain for RCFG-of-the-future=PoormanAbstractDomain [2022-11-23 14:13:40,784 INFO L138 SettingsManager]: * Octagon Domain=false [2022-11-23 14:13:40,784 INFO L138 SettingsManager]: * Abstract domain=CompoundDomain [2022-11-23 14:13:40,785 INFO L138 SettingsManager]: * Check feasibility of abstract posts with an SMT solver=true [2022-11-23 14:13:40,785 INFO L138 SettingsManager]: * Use the RCFG-of-the-future interface=true [2022-11-23 14:13:40,785 INFO L138 SettingsManager]: * Interval Domain=false [2022-11-23 14:13:40,785 INFO L136 SettingsManager]: Preferences of Sifa differ from their defaults: [2022-11-23 14:13:40,786 INFO L138 SettingsManager]: * Call Summarizer=TopInputCallSummarizer [2022-11-23 14:13:40,786 INFO L138 SettingsManager]: * Simplification Technique=POLY_PAC [2022-11-23 14:13:40,787 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-11-23 14:13:40,787 INFO L138 SettingsManager]: * sizeof long=4 [2022-11-23 14:13:40,787 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-11-23 14:13:40,788 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-11-23 14:13:40,788 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-11-23 14:13:40,789 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-11-23 14:13:40,789 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-11-23 14:13:40,789 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-11-23 14:13:40,790 INFO L138 SettingsManager]: * sizeof long double=12 [2022-11-23 14:13:40,790 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-11-23 14:13:40,790 INFO L138 SettingsManager]: * Use constant arrays=true [2022-11-23 14:13:40,790 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-11-23 14:13:40,790 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-11-23 14:13:40,791 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-11-23 14:13:40,791 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-23 14:13:40,791 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-11-23 14:13:40,791 INFO L138 SettingsManager]: * Abstract interpretation Mode=USE_PREDICATES [2022-11-23 14:13:40,792 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-11-23 14:13:40,792 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-11-23 14:13:40,792 INFO L138 SettingsManager]: * Trace refinement strategy=SIFA_TAIPAN [2022-11-23 14:13:40,792 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-11-23 14:13:40,792 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-11-23 14:13:40,793 INFO L138 SettingsManager]: * Trace refinement exception blacklist=NONE [2022-11-23 14:13:40,793 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_0c60c6ea-e915-40bc-9fb0-5f26e59e7187/bin/utaipan-Q6hlc19bkW/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_0c60c6ea-e915-40bc-9fb0-5f26e59e7187/bin/utaipan-Q6hlc19bkW Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Taipan Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 5a0a9a5f1521df25ea0ff390c35c7186e45318cd30c225704d83030e156744fb [2022-11-23 14:13:41,084 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-11-23 14:13:41,111 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-11-23 14:13:41,114 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-11-23 14:13:41,115 INFO L271 PluginConnector]: Initializing CDTParser... [2022-11-23 14:13:41,116 INFO L275 PluginConnector]: CDTParser initialized [2022-11-23 14:13:41,118 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_0c60c6ea-e915-40bc-9fb0-5f26e59e7187/bin/utaipan-Q6hlc19bkW/../../sv-benchmarks/c/product-lines/minepump_spec1_product59.cil.c [2022-11-23 14:13:44,235 INFO L500 CDTParser]: Created temporary CDT project at NULL [2022-11-23 14:13:44,566 INFO L351 CDTParser]: Found 1 translation units. [2022-11-23 14:13:44,567 INFO L172 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_0c60c6ea-e915-40bc-9fb0-5f26e59e7187/sv-benchmarks/c/product-lines/minepump_spec1_product59.cil.c [2022-11-23 14:13:44,580 INFO L394 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_0c60c6ea-e915-40bc-9fb0-5f26e59e7187/bin/utaipan-Q6hlc19bkW/data/5d144a1f5/240f9f0697854dc9bdb6969f26e2bfa6/FLAG529752e09 [2022-11-23 14:13:44,596 INFO L402 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_0c60c6ea-e915-40bc-9fb0-5f26e59e7187/bin/utaipan-Q6hlc19bkW/data/5d144a1f5/240f9f0697854dc9bdb6969f26e2bfa6 [2022-11-23 14:13:44,599 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-11-23 14:13:44,601 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-11-23 14:13:44,603 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-11-23 14:13:44,603 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-11-23 14:13:44,607 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-11-23 14:13:44,608 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 23.11 02:13:44" (1/1) ... [2022-11-23 14:13:44,610 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@77374a27 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 02:13:44, skipping insertion in model container [2022-11-23 14:13:44,610 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 23.11 02:13:44" (1/1) ... [2022-11-23 14:13:44,622 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-11-23 14:13:44,696 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-11-23 14:13:45,000 WARN L237 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_0c60c6ea-e915-40bc-9fb0-5f26e59e7187/sv-benchmarks/c/product-lines/minepump_spec1_product59.cil.c[3645,3658] [2022-11-23 14:13:45,183 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-23 14:13:45,203 INFO L203 MainTranslator]: Completed pre-run [2022-11-23 14:13:45,240 WARN L237 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_0c60c6ea-e915-40bc-9fb0-5f26e59e7187/sv-benchmarks/c/product-lines/minepump_spec1_product59.cil.c[3645,3658] [2022-11-23 14:13:45,309 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-23 14:13:45,330 INFO L208 MainTranslator]: Completed translation [2022-11-23 14:13:45,337 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 02:13:45 WrapperNode [2022-11-23 14:13:45,338 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-11-23 14:13:45,339 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-11-23 14:13:45,340 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-11-23 14:13:45,340 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-11-23 14:13:45,348 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 02:13:45" (1/1) ... [2022-11-23 14:13:45,371 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 02:13:45" (1/1) ... [2022-11-23 14:13:45,421 INFO L138 Inliner]: procedures = 57, calls = 102, calls flagged for inlining = 24, calls inlined = 21, statements flattened = 215 [2022-11-23 14:13:45,422 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-11-23 14:13:45,423 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-11-23 14:13:45,423 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-11-23 14:13:45,424 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-11-23 14:13:45,436 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 02:13:45" (1/1) ... [2022-11-23 14:13:45,436 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 02:13:45" (1/1) ... [2022-11-23 14:13:45,450 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 02:13:45" (1/1) ... [2022-11-23 14:13:45,456 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 02:13:45" (1/1) ... [2022-11-23 14:13:45,461 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 02:13:45" (1/1) ... [2022-11-23 14:13:45,479 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 02:13:45" (1/1) ... [2022-11-23 14:13:45,481 INFO L185 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 02:13:45" (1/1) ... [2022-11-23 14:13:45,483 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 02:13:45" (1/1) ... [2022-11-23 14:13:45,485 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-11-23 14:13:45,486 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-11-23 14:13:45,487 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-11-23 14:13:45,488 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-11-23 14:13:45,489 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 02:13:45" (1/1) ... [2022-11-23 14:13:45,502 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-23 14:13:45,515 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_0c60c6ea-e915-40bc-9fb0-5f26e59e7187/bin/utaipan-Q6hlc19bkW/z3 [2022-11-23 14:13:45,532 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_0c60c6ea-e915-40bc-9fb0-5f26e59e7187/bin/utaipan-Q6hlc19bkW/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-11-23 14:13:45,553 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_0c60c6ea-e915-40bc-9fb0-5f26e59e7187/bin/utaipan-Q6hlc19bkW/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-11-23 14:13:45,577 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-11-23 14:13:45,578 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-11-23 14:13:45,578 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-11-23 14:13:45,578 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-11-23 14:13:45,578 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-11-23 14:13:45,578 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-11-23 14:13:45,578 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-11-23 14:13:45,578 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2022-11-23 14:13:45,579 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2022-11-23 14:13:45,579 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2022-11-23 14:13:45,579 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2022-11-23 14:13:45,579 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-11-23 14:13:45,579 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-11-23 14:13:45,579 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2022-11-23 14:13:45,580 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2022-11-23 14:13:45,580 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-11-23 14:13:45,580 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-11-23 14:13:45,580 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-11-23 14:13:45,580 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-11-23 14:13:45,580 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-11-23 14:13:45,664 INFO L235 CfgBuilder]: Building ICFG [2022-11-23 14:13:45,667 INFO L261 CfgBuilder]: Building CFG for each procedure with an implementation [2022-11-23 14:13:46,075 INFO L276 CfgBuilder]: Performing block encoding [2022-11-23 14:13:46,212 INFO L295 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-11-23 14:13:46,221 INFO L300 CfgBuilder]: Removed 2 assume(true) statements. [2022-11-23 14:13:46,225 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 23.11 02:13:46 BoogieIcfgContainer [2022-11-23 14:13:46,225 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-11-23 14:13:46,232 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-11-23 14:13:46,232 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-11-23 14:13:46,236 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-11-23 14:13:46,236 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 23.11 02:13:44" (1/3) ... [2022-11-23 14:13:46,238 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@2bd2f480 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 23.11 02:13:46, skipping insertion in model container [2022-11-23 14:13:46,238 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 02:13:45" (2/3) ... [2022-11-23 14:13:46,240 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@2bd2f480 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 23.11 02:13:46, skipping insertion in model container [2022-11-23 14:13:46,240 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 23.11 02:13:46" (3/3) ... [2022-11-23 14:13:46,245 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec1_product59.cil.c [2022-11-23 14:13:46,265 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-11-23 14:13:46,266 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-11-23 14:13:46,347 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-11-23 14:13:46,356 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@66716432, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2022-11-23 14:13:46,356 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-11-23 14:13:46,361 INFO L276 IsEmpty]: Start isEmpty. Operand has 65 states, 41 states have (on average 1.4390243902439024) internal successors, (59), 50 states have internal predecessors, (59), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 11 states have call predecessors, (14), 14 states have call successors, (14) [2022-11-23 14:13:46,374 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 17 [2022-11-23 14:13:46,375 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 14:13:46,375 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 14:13:46,376 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 14:13:46,386 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 14:13:46,386 INFO L85 PathProgramCache]: Analyzing trace with hash -1746687220, now seen corresponding path program 1 times [2022-11-23 14:13:46,398 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 14:13:46,398 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [262792562] [2022-11-23 14:13:46,398 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 14:13:46,399 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 14:13:46,514 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 14:13:46,637 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-23 14:13:46,637 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 14:13:46,638 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [262792562] [2022-11-23 14:13:46,639 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [262792562] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-23 14:13:46,639 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-23 14:13:46,640 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-11-23 14:13:46,641 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1268584141] [2022-11-23 14:13:46,642 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-23 14:13:46,646 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-11-23 14:13:46,648 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 14:13:46,694 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-11-23 14:13:46,696 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-23 14:13:46,700 INFO L87 Difference]: Start difference. First operand has 65 states, 41 states have (on average 1.4390243902439024) internal successors, (59), 50 states have internal predecessors, (59), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 11 states have call predecessors, (14), 14 states have call successors, (14) Second operand has 2 states, 2 states have (on average 6.0) internal successors, (12), 2 states have internal predecessors, (12), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-23 14:13:46,832 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 14:13:46,832 INFO L93 Difference]: Finished difference Result 128 states and 175 transitions. [2022-11-23 14:13:46,840 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-11-23 14:13:46,841 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 6.0) internal successors, (12), 2 states have internal predecessors, (12), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 16 [2022-11-23 14:13:46,842 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 14:13:46,853 INFO L225 Difference]: With dead ends: 128 [2022-11-23 14:13:46,854 INFO L226 Difference]: Without dead ends: 60 [2022-11-23 14:13:46,860 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-23 14:13:46,863 INFO L413 NwaCegarLoop]: 67 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 17 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 67 SdHoareTripleChecker+Invalid, 18 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 17 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-23 14:13:46,864 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 67 Invalid, 18 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 17 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-23 14:13:46,895 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 60 states. [2022-11-23 14:13:46,918 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 60 to 60. [2022-11-23 14:13:46,920 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 60 states, 38 states have (on average 1.3421052631578947) internal successors, (51), 46 states have internal predecessors, (51), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 10 states have call predecessors, (13), 13 states have call successors, (13) [2022-11-23 14:13:46,922 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 60 states to 60 states and 78 transitions. [2022-11-23 14:13:46,924 INFO L78 Accepts]: Start accepts. Automaton has 60 states and 78 transitions. Word has length 16 [2022-11-23 14:13:46,924 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 14:13:46,925 INFO L495 AbstractCegarLoop]: Abstraction has 60 states and 78 transitions. [2022-11-23 14:13:46,925 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 6.0) internal successors, (12), 2 states have internal predecessors, (12), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-23 14:13:46,925 INFO L276 IsEmpty]: Start isEmpty. Operand 60 states and 78 transitions. [2022-11-23 14:13:46,927 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 18 [2022-11-23 14:13:46,928 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 14:13:46,928 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 14:13:46,928 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-11-23 14:13:46,929 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 14:13:46,929 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 14:13:46,930 INFO L85 PathProgramCache]: Analyzing trace with hash -1438964340, now seen corresponding path program 1 times [2022-11-23 14:13:46,930 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 14:13:46,930 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1956158177] [2022-11-23 14:13:46,930 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 14:13:46,931 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 14:13:46,950 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 14:13:47,042 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-23 14:13:47,043 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 14:13:47,044 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1956158177] [2022-11-23 14:13:47,045 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1956158177] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-23 14:13:47,045 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-23 14:13:47,045 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-23 14:13:47,046 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [812018200] [2022-11-23 14:13:47,047 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-23 14:13:47,048 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-23 14:13:47,049 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 14:13:47,051 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-23 14:13:47,053 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-23 14:13:47,054 INFO L87 Difference]: Start difference. First operand 60 states and 78 transitions. Second operand has 3 states, 3 states have (on average 4.333333333333333) internal successors, (13), 3 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-23 14:13:47,105 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 14:13:47,105 INFO L93 Difference]: Finished difference Result 92 states and 118 transitions. [2022-11-23 14:13:47,106 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-23 14:13:47,106 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 4.333333333333333) internal successors, (13), 3 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 17 [2022-11-23 14:13:47,106 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 14:13:47,108 INFO L225 Difference]: With dead ends: 92 [2022-11-23 14:13:47,108 INFO L226 Difference]: Without dead ends: 52 [2022-11-23 14:13:47,109 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-23 14:13:47,110 INFO L413 NwaCegarLoop]: 53 mSDtfsCounter, 14 mSDsluCounter, 36 mSDsCounter, 0 mSdLazyCounter, 25 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 18 SdHoareTripleChecker+Valid, 89 SdHoareTripleChecker+Invalid, 25 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 25 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-23 14:13:47,111 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [18 Valid, 89 Invalid, 25 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 25 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-23 14:13:47,112 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 52 states. [2022-11-23 14:13:47,120 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 52 to 52. [2022-11-23 14:13:47,121 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 52 states, 33 states have (on average 1.3636363636363635) internal successors, (45), 41 states have internal predecessors, (45), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 8 states have call predecessors, (11), 11 states have call successors, (11) [2022-11-23 14:13:47,122 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 52 states to 52 states and 67 transitions. [2022-11-23 14:13:47,123 INFO L78 Accepts]: Start accepts. Automaton has 52 states and 67 transitions. Word has length 17 [2022-11-23 14:13:47,123 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 14:13:47,123 INFO L495 AbstractCegarLoop]: Abstraction has 52 states and 67 transitions. [2022-11-23 14:13:47,123 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 4.333333333333333) internal successors, (13), 3 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-23 14:13:47,124 INFO L276 IsEmpty]: Start isEmpty. Operand 52 states and 67 transitions. [2022-11-23 14:13:47,125 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 21 [2022-11-23 14:13:47,125 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 14:13:47,125 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 14:13:47,125 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-11-23 14:13:47,126 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 14:13:47,126 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 14:13:47,126 INFO L85 PathProgramCache]: Analyzing trace with hash -813556764, now seen corresponding path program 1 times [2022-11-23 14:13:47,127 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 14:13:47,127 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [996093930] [2022-11-23 14:13:47,127 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 14:13:47,127 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 14:13:47,148 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 14:13:47,264 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-23 14:13:47,264 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 14:13:47,264 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [996093930] [2022-11-23 14:13:47,264 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [996093930] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-23 14:13:47,265 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-23 14:13:47,265 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-11-23 14:13:47,265 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [6561546] [2022-11-23 14:13:47,265 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-23 14:13:47,266 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-11-23 14:13:47,266 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 14:13:47,266 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-11-23 14:13:47,267 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-23 14:13:47,267 INFO L87 Difference]: Start difference. First operand 52 states and 67 transitions. Second operand has 4 states, 4 states have (on average 4.25) internal successors, (17), 4 states have internal predecessors, (17), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-23 14:13:47,416 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 14:13:47,417 INFO L93 Difference]: Finished difference Result 149 states and 198 transitions. [2022-11-23 14:13:47,417 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-11-23 14:13:47,418 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 4.25) internal successors, (17), 4 states have internal predecessors, (17), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 20 [2022-11-23 14:13:47,418 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 14:13:47,419 INFO L225 Difference]: With dead ends: 149 [2022-11-23 14:13:47,419 INFO L226 Difference]: Without dead ends: 99 [2022-11-23 14:13:47,420 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-11-23 14:13:47,422 INFO L413 NwaCegarLoop]: 65 mSDtfsCounter, 81 mSDsluCounter, 83 mSDsCounter, 0 mSdLazyCounter, 73 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 81 SdHoareTripleChecker+Valid, 148 SdHoareTripleChecker+Invalid, 82 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 73 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-23 14:13:47,423 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [81 Valid, 148 Invalid, 82 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 73 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-23 14:13:47,424 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 99 states. [2022-11-23 14:13:47,439 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 99 to 82. [2022-11-23 14:13:47,439 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 82 states, 53 states have (on average 1.3584905660377358) internal successors, (72), 64 states have internal predecessors, (72), 16 states have call successors, (16), 12 states have call predecessors, (16), 12 states have return successors, (17), 12 states have call predecessors, (17), 16 states have call successors, (17) [2022-11-23 14:13:47,441 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 82 states to 82 states and 105 transitions. [2022-11-23 14:13:47,441 INFO L78 Accepts]: Start accepts. Automaton has 82 states and 105 transitions. Word has length 20 [2022-11-23 14:13:47,442 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 14:13:47,442 INFO L495 AbstractCegarLoop]: Abstraction has 82 states and 105 transitions. [2022-11-23 14:13:47,442 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 4.25) internal successors, (17), 4 states have internal predecessors, (17), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-23 14:13:47,442 INFO L276 IsEmpty]: Start isEmpty. Operand 82 states and 105 transitions. [2022-11-23 14:13:47,443 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2022-11-23 14:13:47,443 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 14:13:47,444 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 14:13:47,444 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-11-23 14:13:47,444 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 14:13:47,444 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 14:13:47,445 INFO L85 PathProgramCache]: Analyzing trace with hash -616885384, now seen corresponding path program 1 times [2022-11-23 14:13:47,445 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 14:13:47,445 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [365426865] [2022-11-23 14:13:47,445 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 14:13:47,445 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 14:13:47,471 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 14:13:47,663 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-23 14:13:47,663 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 14:13:47,663 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [365426865] [2022-11-23 14:13:47,664 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [365426865] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-23 14:13:47,665 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-23 14:13:47,665 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-11-23 14:13:47,665 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1341710521] [2022-11-23 14:13:47,665 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-23 14:13:47,666 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-11-23 14:13:47,666 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 14:13:47,666 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-11-23 14:13:47,667 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-11-23 14:13:47,667 INFO L87 Difference]: Start difference. First operand 82 states and 105 transitions. Second operand has 6 states, 5 states have (on average 4.0) internal successors, (20), 4 states have internal predecessors, (20), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-23 14:13:47,871 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 14:13:47,871 INFO L93 Difference]: Finished difference Result 240 states and 314 transitions. [2022-11-23 14:13:47,872 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-11-23 14:13:47,872 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 4.0) internal successors, (20), 4 states have internal predecessors, (20), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 23 [2022-11-23 14:13:47,872 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 14:13:47,874 INFO L225 Difference]: With dead ends: 240 [2022-11-23 14:13:47,874 INFO L226 Difference]: Without dead ends: 160 [2022-11-23 14:13:47,875 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2022-11-23 14:13:47,877 INFO L413 NwaCegarLoop]: 62 mSDtfsCounter, 45 mSDsluCounter, 211 mSDsCounter, 0 mSdLazyCounter, 102 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 48 SdHoareTripleChecker+Valid, 273 SdHoareTripleChecker+Invalid, 103 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 102 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-23 14:13:47,877 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [48 Valid, 273 Invalid, 103 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 102 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-23 14:13:47,878 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 160 states. [2022-11-23 14:13:47,931 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 160 to 152. [2022-11-23 14:13:47,932 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 152 states, 99 states have (on average 1.3434343434343434) internal successors, (133), 118 states have internal predecessors, (133), 30 states have call successors, (30), 22 states have call predecessors, (30), 22 states have return successors, (32), 22 states have call predecessors, (32), 30 states have call successors, (32) [2022-11-23 14:13:47,934 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 152 states to 152 states and 195 transitions. [2022-11-23 14:13:47,935 INFO L78 Accepts]: Start accepts. Automaton has 152 states and 195 transitions. Word has length 23 [2022-11-23 14:13:47,935 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 14:13:47,935 INFO L495 AbstractCegarLoop]: Abstraction has 152 states and 195 transitions. [2022-11-23 14:13:47,936 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 4.0) internal successors, (20), 4 states have internal predecessors, (20), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-23 14:13:47,936 INFO L276 IsEmpty]: Start isEmpty. Operand 152 states and 195 transitions. [2022-11-23 14:13:47,937 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2022-11-23 14:13:47,937 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 14:13:47,938 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 14:13:47,938 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-11-23 14:13:47,938 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 14:13:47,938 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 14:13:47,939 INFO L85 PathProgramCache]: Analyzing trace with hash 2140322578, now seen corresponding path program 1 times [2022-11-23 14:13:47,939 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 14:13:47,939 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2053497621] [2022-11-23 14:13:47,939 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 14:13:47,939 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 14:13:47,972 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 14:13:48,247 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-23 14:13:48,247 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 14:13:48,247 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2053497621] [2022-11-23 14:13:48,248 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2053497621] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-23 14:13:48,248 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-23 14:13:48,248 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-11-23 14:13:48,248 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1453906680] [2022-11-23 14:13:48,249 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-23 14:13:48,249 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-11-23 14:13:48,249 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 14:13:48,250 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-11-23 14:13:48,250 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-23 14:13:48,250 INFO L87 Difference]: Start difference. First operand 152 states and 195 transitions. Second operand has 4 states, 4 states have (on average 5.25) internal successors, (21), 4 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-23 14:13:48,357 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 14:13:48,358 INFO L93 Difference]: Finished difference Result 368 states and 488 transitions. [2022-11-23 14:13:48,358 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-11-23 14:13:48,358 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 5.25) internal successors, (21), 4 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 26 [2022-11-23 14:13:48,359 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 14:13:48,361 INFO L225 Difference]: With dead ends: 368 [2022-11-23 14:13:48,362 INFO L226 Difference]: Without dead ends: 218 [2022-11-23 14:13:48,363 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-11-23 14:13:48,364 INFO L413 NwaCegarLoop]: 58 mSDtfsCounter, 38 mSDsluCounter, 98 mSDsCounter, 0 mSdLazyCounter, 48 mSolverCounterSat, 8 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 38 SdHoareTripleChecker+Valid, 156 SdHoareTripleChecker+Invalid, 56 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 8 IncrementalHoareTripleChecker+Valid, 48 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-23 14:13:48,365 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [38 Valid, 156 Invalid, 56 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [8 Valid, 48 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-23 14:13:48,366 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 218 states. [2022-11-23 14:13:48,403 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 218 to 210. [2022-11-23 14:13:48,411 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 210 states, 143 states have (on average 1.2797202797202798) internal successors, (183), 159 states have internal predecessors, (183), 35 states have call successors, (35), 31 states have call predecessors, (35), 31 states have return successors, (47), 33 states have call predecessors, (47), 35 states have call successors, (47) [2022-11-23 14:13:48,414 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 210 states to 210 states and 265 transitions. [2022-11-23 14:13:48,419 INFO L78 Accepts]: Start accepts. Automaton has 210 states and 265 transitions. Word has length 26 [2022-11-23 14:13:48,419 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 14:13:48,420 INFO L495 AbstractCegarLoop]: Abstraction has 210 states and 265 transitions. [2022-11-23 14:13:48,420 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 5.25) internal successors, (21), 4 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-23 14:13:48,420 INFO L276 IsEmpty]: Start isEmpty. Operand 210 states and 265 transitions. [2022-11-23 14:13:48,422 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 36 [2022-11-23 14:13:48,422 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 14:13:48,422 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 14:13:48,422 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-11-23 14:13:48,423 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 14:13:48,423 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 14:13:48,423 INFO L85 PathProgramCache]: Analyzing trace with hash -1556478412, now seen corresponding path program 1 times [2022-11-23 14:13:48,424 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 14:13:48,424 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [809295946] [2022-11-23 14:13:48,424 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 14:13:48,424 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 14:13:48,440 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 14:13:48,618 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-23 14:13:48,619 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 14:13:48,619 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [809295946] [2022-11-23 14:13:48,619 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [809295946] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-23 14:13:48,620 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-23 14:13:48,620 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-11-23 14:13:48,620 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1618158008] [2022-11-23 14:13:48,620 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-23 14:13:48,621 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-11-23 14:13:48,621 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 14:13:48,622 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-11-23 14:13:48,622 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=19, Unknown=0, NotChecked=0, Total=30 [2022-11-23 14:13:48,622 INFO L87 Difference]: Start difference. First operand 210 states and 265 transitions. Second operand has 6 states, 6 states have (on average 4.166666666666667) internal successors, (25), 6 states have internal predecessors, (25), 3 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2022-11-23 14:13:48,947 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 14:13:48,947 INFO L93 Difference]: Finished difference Result 656 states and 863 transitions. [2022-11-23 14:13:48,948 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-11-23 14:13:48,950 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.166666666666667) internal successors, (25), 6 states have internal predecessors, (25), 3 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) Word has length 35 [2022-11-23 14:13:48,950 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 14:13:48,960 INFO L225 Difference]: With dead ends: 656 [2022-11-23 14:13:48,960 INFO L226 Difference]: Without dead ends: 448 [2022-11-23 14:13:48,962 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 10 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=35, Unknown=0, NotChecked=0, Total=56 [2022-11-23 14:13:48,970 INFO L413 NwaCegarLoop]: 101 mSDtfsCounter, 174 mSDsluCounter, 106 mSDsCounter, 0 mSdLazyCounter, 154 mSolverCounterSat, 38 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 176 SdHoareTripleChecker+Valid, 207 SdHoareTripleChecker+Invalid, 192 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 38 IncrementalHoareTripleChecker+Valid, 154 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-11-23 14:13:48,972 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [176 Valid, 207 Invalid, 192 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [38 Valid, 154 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-11-23 14:13:48,975 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 448 states. [2022-11-23 14:13:49,071 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 448 to 397. [2022-11-23 14:13:49,073 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 397 states, 282 states have (on average 1.2907801418439717) internal successors, (364), 300 states have internal predecessors, (364), 57 states have call successors, (57), 55 states have call predecessors, (57), 57 states have return successors, (79), 55 states have call predecessors, (79), 57 states have call successors, (79) [2022-11-23 14:13:49,080 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 397 states to 397 states and 500 transitions. [2022-11-23 14:13:49,081 INFO L78 Accepts]: Start accepts. Automaton has 397 states and 500 transitions. Word has length 35 [2022-11-23 14:13:49,081 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 14:13:49,081 INFO L495 AbstractCegarLoop]: Abstraction has 397 states and 500 transitions. [2022-11-23 14:13:49,082 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 4.166666666666667) internal successors, (25), 6 states have internal predecessors, (25), 3 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2022-11-23 14:13:49,082 INFO L276 IsEmpty]: Start isEmpty. Operand 397 states and 500 transitions. [2022-11-23 14:13:49,086 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2022-11-23 14:13:49,086 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 14:13:49,086 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 14:13:49,087 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-11-23 14:13:49,087 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 14:13:49,087 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 14:13:49,088 INFO L85 PathProgramCache]: Analyzing trace with hash 615116642, now seen corresponding path program 1 times [2022-11-23 14:13:49,088 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 14:13:49,088 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1278807058] [2022-11-23 14:13:49,088 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 14:13:49,089 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 14:13:49,125 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 14:13:49,511 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-11-23 14:13:49,512 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 14:13:49,512 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1278807058] [2022-11-23 14:13:49,512 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1278807058] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-23 14:13:49,512 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [365772622] [2022-11-23 14:13:49,513 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 14:13:49,513 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-23 14:13:49,513 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_0c60c6ea-e915-40bc-9fb0-5f26e59e7187/bin/utaipan-Q6hlc19bkW/z3 [2022-11-23 14:13:49,517 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_0c60c6ea-e915-40bc-9fb0-5f26e59e7187/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-23 14:13:49,574 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_0c60c6ea-e915-40bc-9fb0-5f26e59e7187/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-11-23 14:13:49,648 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 14:13:49,664 INFO L263 TraceCheckSpWp]: Trace formula consists of 213 conjuncts, 31 conjunts are in the unsatisfiable core [2022-11-23 14:13:49,685 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-23 14:13:50,080 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-23 14:13:50,080 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-23 14:13:50,566 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-11-23 14:13:50,567 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [365772622] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-23 14:13:50,567 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1787373610] [2022-11-23 14:13:50,588 INFO L159 IcfgInterpreter]: Started Sifa with 37 locations of interest [2022-11-23 14:13:50,588 INFO L166 IcfgInterpreter]: Building call graph [2022-11-23 14:13:50,593 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-23 14:13:50,599 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-23 14:13:50,599 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-23 14:13:52,089 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 114 for LOIs [2022-11-23 14:13:52,113 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 136 for LOIs [2022-11-23 14:13:52,995 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 131 for LOIs [2022-11-23 14:13:53,647 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneLevelCritical with input of size 44 for LOIs [2022-11-23 14:13:53,654 INFO L197 IcfgInterpreter]: Interpreting procedure changeMethaneLevel with input of size 112 for LOIs [2022-11-23 14:13:53,668 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-23 14:14:07,718 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '4223#(and (= |timeShift_isPumpRunning_#res#1| |timeShift_isPumpRunning_~retValue_acc~5#1|) (<= 0 |#NULL.base|) (<= 0 |old(~pumpRunning~0)|) (<= ~pumpRunning~0 1) (= ~head~0.offset 0) (<= 1 ~systemActive~0) (<= 2 ~waterLevel~0) (= ~pumpRunning~0 |timeShift_isPumpRunning_~retValue_acc~5#1|) (<= |#NULL.offset| 0) (= |timeShift_isPumpRunning_#res#1| |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1|) (= ~methaneLevelCritical~0 1) (<= |old(~pumpRunning~0)| 0) (<= 2 |old(~waterLevel~0)|) (<= 0 ~head~0.base) (<= |#NULL.base| 0) (<= 0 ~pumpRunning~0) (<= ~head~0.base 0) (not (= |timeShift___utac_acc__Specification1_spec__1_~tmp~0#1| 0)) (not (= |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1| 0)) (<= 0 |timeShift___utac_acc__Specification1_spec__1_~tmp~0#1|) (<= 0 |#NULL.offset|) (<= 0 |#StackHeapBarrier|) (<= |timeShift___utac_acc__Specification1_spec__1_~tmp~0#1| 1) (<= ~systemActive~0 1) (= ~cleanupTimeShifts~0 4))' at error location [2022-11-23 14:14:07,719 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-23 14:14:07,719 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-23 14:14:07,719 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [13, 10, 10] total 25 [2022-11-23 14:14:07,719 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [705394796] [2022-11-23 14:14:07,720 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-23 14:14:07,720 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 25 states [2022-11-23 14:14:07,721 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 14:14:07,721 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 25 interpolants. [2022-11-23 14:14:07,722 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=341, Invalid=2311, Unknown=0, NotChecked=0, Total=2652 [2022-11-23 14:14:07,723 INFO L87 Difference]: Start difference. First operand 397 states and 500 transitions. Second operand has 25 states, 18 states have (on average 3.2777777777777777) internal successors, (59), 19 states have internal predecessors, (59), 8 states have call successors, (14), 6 states have call predecessors, (14), 10 states have return successors, (13), 11 states have call predecessors, (13), 7 states have call successors, (13) [2022-11-23 14:14:10,943 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 14:14:10,943 INFO L93 Difference]: Finished difference Result 1243 states and 1693 transitions. [2022-11-23 14:14:10,944 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 47 states. [2022-11-23 14:14:10,944 INFO L78 Accepts]: Start accepts. Automaton has has 25 states, 18 states have (on average 3.2777777777777777) internal successors, (59), 19 states have internal predecessors, (59), 8 states have call successors, (14), 6 states have call predecessors, (14), 10 states have return successors, (13), 11 states have call predecessors, (13), 7 states have call successors, (13) Word has length 38 [2022-11-23 14:14:10,945 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 14:14:10,956 INFO L225 Difference]: With dead ends: 1243 [2022-11-23 14:14:10,956 INFO L226 Difference]: Without dead ends: 848 [2022-11-23 14:14:10,960 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 176 GetRequests, 78 SyntacticMatches, 6 SemanticMatches, 92 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3121 ImplicationChecksByTransitivity, 15.7s TimeCoverageRelationStatistics Valid=986, Invalid=7756, Unknown=0, NotChecked=0, Total=8742 [2022-11-23 14:14:10,961 INFO L413 NwaCegarLoop]: 73 mSDtfsCounter, 996 mSDsluCounter, 578 mSDsCounter, 0 mSdLazyCounter, 1890 mSolverCounterSat, 652 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1006 SdHoareTripleChecker+Valid, 651 SdHoareTripleChecker+Invalid, 2542 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 652 IncrementalHoareTripleChecker+Valid, 1890 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.7s IncrementalHoareTripleChecker+Time [2022-11-23 14:14:10,961 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [1006 Valid, 651 Invalid, 2542 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [652 Valid, 1890 Invalid, 0 Unknown, 0 Unchecked, 1.7s Time] [2022-11-23 14:14:10,963 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 848 states. [2022-11-23 14:14:11,043 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 848 to 646. [2022-11-23 14:14:11,045 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 646 states, 454 states have (on average 1.251101321585903) internal successors, (568), 484 states have internal predecessors, (568), 95 states have call successors, (95), 89 states have call predecessors, (95), 96 states have return successors, (125), 94 states have call predecessors, (125), 95 states have call successors, (125) [2022-11-23 14:14:11,049 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 646 states to 646 states and 788 transitions. [2022-11-23 14:14:11,050 INFO L78 Accepts]: Start accepts. Automaton has 646 states and 788 transitions. Word has length 38 [2022-11-23 14:14:11,050 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 14:14:11,050 INFO L495 AbstractCegarLoop]: Abstraction has 646 states and 788 transitions. [2022-11-23 14:14:11,050 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 25 states, 18 states have (on average 3.2777777777777777) internal successors, (59), 19 states have internal predecessors, (59), 8 states have call successors, (14), 6 states have call predecessors, (14), 10 states have return successors, (13), 11 states have call predecessors, (13), 7 states have call successors, (13) [2022-11-23 14:14:11,051 INFO L276 IsEmpty]: Start isEmpty. Operand 646 states and 788 transitions. [2022-11-23 14:14:11,053 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 71 [2022-11-23 14:14:11,053 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 14:14:11,054 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 14:14:11,067 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_0c60c6ea-e915-40bc-9fb0-5f26e59e7187/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-11-23 14:14:11,260 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_0c60c6ea-e915-40bc-9fb0-5f26e59e7187/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable6 [2022-11-23 14:14:11,261 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 14:14:11,261 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 14:14:11,262 INFO L85 PathProgramCache]: Analyzing trace with hash 1149268191, now seen corresponding path program 1 times [2022-11-23 14:14:11,262 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 14:14:11,262 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1385829618] [2022-11-23 14:14:11,262 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 14:14:11,263 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 14:14:11,277 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 14:14:11,331 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 16 proven. 0 refuted. 0 times theorem prover too weak. 10 trivial. 0 not checked. [2022-11-23 14:14:11,331 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 14:14:11,331 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1385829618] [2022-11-23 14:14:11,331 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1385829618] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-23 14:14:11,331 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-23 14:14:11,332 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-11-23 14:14:11,332 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1935052748] [2022-11-23 14:14:11,332 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-23 14:14:11,332 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-11-23 14:14:11,333 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 14:14:11,333 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-11-23 14:14:11,333 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-23 14:14:11,333 INFO L87 Difference]: Start difference. First operand 646 states and 788 transitions. Second operand has 4 states, 3 states have (on average 15.666666666666666) internal successors, (47), 4 states have internal predecessors, (47), 4 states have call successors, (10), 2 states have call predecessors, (10), 2 states have return successors, (9), 3 states have call predecessors, (9), 4 states have call successors, (9) [2022-11-23 14:14:11,508 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 14:14:11,508 INFO L93 Difference]: Finished difference Result 1302 states and 1586 transitions. [2022-11-23 14:14:11,509 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-11-23 14:14:11,509 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 3 states have (on average 15.666666666666666) internal successors, (47), 4 states have internal predecessors, (47), 4 states have call successors, (10), 2 states have call predecessors, (10), 2 states have return successors, (9), 3 states have call predecessors, (9), 4 states have call successors, (9) Word has length 70 [2022-11-23 14:14:11,509 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 14:14:11,513 INFO L225 Difference]: With dead ends: 1302 [2022-11-23 14:14:11,513 INFO L226 Difference]: Without dead ends: 474 [2022-11-23 14:14:11,515 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-23 14:14:11,517 INFO L413 NwaCegarLoop]: 75 mSDtfsCounter, 87 mSDsluCounter, 45 mSDsCounter, 0 mSdLazyCounter, 78 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 87 SdHoareTripleChecker+Valid, 120 SdHoareTripleChecker+Invalid, 80 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 78 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-23 14:14:11,517 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [87 Valid, 120 Invalid, 80 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 78 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-23 14:14:11,519 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 474 states. [2022-11-23 14:14:11,575 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 474 to 458. [2022-11-23 14:14:11,576 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 458 states, 315 states have (on average 1.180952380952381) internal successors, (372), 334 states have internal predecessors, (372), 69 states have call successors, (69), 66 states have call predecessors, (69), 73 states have return successors, (91), 71 states have call predecessors, (91), 69 states have call successors, (91) [2022-11-23 14:14:11,578 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 458 states to 458 states and 532 transitions. [2022-11-23 14:14:11,579 INFO L78 Accepts]: Start accepts. Automaton has 458 states and 532 transitions. Word has length 70 [2022-11-23 14:14:11,579 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 14:14:11,579 INFO L495 AbstractCegarLoop]: Abstraction has 458 states and 532 transitions. [2022-11-23 14:14:11,580 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 3 states have (on average 15.666666666666666) internal successors, (47), 4 states have internal predecessors, (47), 4 states have call successors, (10), 2 states have call predecessors, (10), 2 states have return successors, (9), 3 states have call predecessors, (9), 4 states have call successors, (9) [2022-11-23 14:14:11,580 INFO L276 IsEmpty]: Start isEmpty. Operand 458 states and 532 transitions. [2022-11-23 14:14:11,581 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 68 [2022-11-23 14:14:11,581 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 14:14:11,582 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 14:14:11,582 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2022-11-23 14:14:11,582 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 14:14:11,583 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 14:14:11,583 INFO L85 PathProgramCache]: Analyzing trace with hash 1074357167, now seen corresponding path program 1 times [2022-11-23 14:14:11,583 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 14:14:11,583 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1530052579] [2022-11-23 14:14:11,584 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 14:14:11,584 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 14:14:11,603 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 14:14:12,072 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 5 proven. 6 refuted. 0 times theorem prover too weak. 15 trivial. 0 not checked. [2022-11-23 14:14:12,072 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 14:14:12,072 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1530052579] [2022-11-23 14:14:12,077 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1530052579] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-23 14:14:12,077 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1187714365] [2022-11-23 14:14:12,077 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 14:14:12,077 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-23 14:14:12,078 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_0c60c6ea-e915-40bc-9fb0-5f26e59e7187/bin/utaipan-Q6hlc19bkW/z3 [2022-11-23 14:14:12,079 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_0c60c6ea-e915-40bc-9fb0-5f26e59e7187/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-23 14:14:12,122 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_0c60c6ea-e915-40bc-9fb0-5f26e59e7187/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2022-11-23 14:14:12,193 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 14:14:12,195 INFO L263 TraceCheckSpWp]: Trace formula consists of 296 conjuncts, 34 conjunts are in the unsatisfiable core [2022-11-23 14:14:12,199 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-23 14:14:12,629 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 13 proven. 11 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-23 14:14:12,629 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-23 14:14:13,214 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 13 proven. 3 refuted. 0 times theorem prover too weak. 10 trivial. 0 not checked. [2022-11-23 14:14:13,215 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1187714365] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-23 14:14:13,215 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1931576631] [2022-11-23 14:14:13,222 INFO L159 IcfgInterpreter]: Started Sifa with 44 locations of interest [2022-11-23 14:14:13,222 INFO L166 IcfgInterpreter]: Building call graph [2022-11-23 14:14:13,223 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-23 14:14:13,223 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-23 14:14:13,223 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-23 14:14:21,839 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 43 for LOIs [2022-11-23 14:14:21,846 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 27 for LOIs [2022-11-23 14:14:22,027 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 58 for LOIs [2022-11-23 14:14:22,409 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneLevelCritical with input of size 48 for LOIs [2022-11-23 14:14:22,419 INFO L197 IcfgInterpreter]: Interpreting procedure changeMethaneLevel with input of size 22 for LOIs [2022-11-23 14:14:22,422 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__base with input of size 34 for LOIs [2022-11-23 14:14:22,424 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-23 14:14:27,439 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '10081#(and (= |timeShift_isPumpRunning_#res#1| |timeShift_isPumpRunning_~retValue_acc~5#1|) (= |timeShift___utac_acc__Specification1_spec__1_~tmp~0#1| ~methaneLevelCritical~0) (= ~head~0.offset 0) (<= |timeShift_isPumpRunning_#res#1| 2147483647) (= ~pumpRunning~0 |timeShift_isPumpRunning_~retValue_acc~5#1|) (= 1 ~systemActive~0) (= |timeShift_isPumpRunning_#res#1| |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1|) (= ~head~0.base 0) (= |#NULL.offset| 0) (not (= |timeShift___utac_acc__Specification1_spec__1_~tmp~0#1| 0)) (not (= |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1| 0)) (<= 0 (+ |timeShift_isPumpRunning_#res#1| 2147483648)) (<= 0 |timeShift___utac_acc__Specification1_spec__1_~tmp~0#1|) (<= 0 |#StackHeapBarrier|) (<= |timeShift___utac_acc__Specification1_spec__1_~tmp~0#1| 1) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-23 14:14:27,439 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-23 14:14:27,440 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-23 14:14:27,440 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 11, 14] total 30 [2022-11-23 14:14:27,440 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2081966786] [2022-11-23 14:14:27,440 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-23 14:14:27,441 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 30 states [2022-11-23 14:14:27,441 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 14:14:27,441 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 30 interpolants. [2022-11-23 14:14:27,442 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=427, Invalid=3233, Unknown=0, NotChecked=0, Total=3660 [2022-11-23 14:14:27,443 INFO L87 Difference]: Start difference. First operand 458 states and 532 transitions. Second operand has 30 states, 27 states have (on average 3.5555555555555554) internal successors, (96), 24 states have internal predecessors, (96), 12 states have call successors, (24), 11 states have call predecessors, (24), 10 states have return successors, (22), 9 states have call predecessors, (22), 12 states have call successors, (22) [2022-11-23 14:14:29,117 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 14:14:29,117 INFO L93 Difference]: Finished difference Result 1479 states and 1769 transitions. [2022-11-23 14:14:29,118 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 31 states. [2022-11-23 14:14:29,118 INFO L78 Accepts]: Start accepts. Automaton has has 30 states, 27 states have (on average 3.5555555555555554) internal successors, (96), 24 states have internal predecessors, (96), 12 states have call successors, (24), 11 states have call predecessors, (24), 10 states have return successors, (22), 9 states have call predecessors, (22), 12 states have call successors, (22) Word has length 67 [2022-11-23 14:14:29,119 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 14:14:29,124 INFO L225 Difference]: With dead ends: 1479 [2022-11-23 14:14:29,124 INFO L226 Difference]: Without dead ends: 1053 [2022-11-23 14:14:29,127 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 239 GetRequests, 147 SyntacticMatches, 11 SemanticMatches, 81 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3234 ImplicationChecksByTransitivity, 6.2s TimeCoverageRelationStatistics Valid=872, Invalid=5934, Unknown=0, NotChecked=0, Total=6806 [2022-11-23 14:14:29,128 INFO L413 NwaCegarLoop]: 58 mSDtfsCounter, 673 mSDsluCounter, 356 mSDsCounter, 0 mSdLazyCounter, 787 mSolverCounterSat, 397 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 679 SdHoareTripleChecker+Valid, 414 SdHoareTripleChecker+Invalid, 1184 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 397 IncrementalHoareTripleChecker+Valid, 787 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.8s IncrementalHoareTripleChecker+Time [2022-11-23 14:14:29,128 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [679 Valid, 414 Invalid, 1184 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [397 Valid, 787 Invalid, 0 Unknown, 0 Unchecked, 0.8s Time] [2022-11-23 14:14:29,130 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1053 states. [2022-11-23 14:14:29,223 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1053 to 767. [2022-11-23 14:14:29,225 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 767 states, 533 states have (on average 1.1876172607879925) internal successors, (633), 565 states have internal predecessors, (633), 116 states have call successors, (116), 105 states have call predecessors, (116), 117 states have return successors, (148), 122 states have call predecessors, (148), 116 states have call successors, (148) [2022-11-23 14:14:29,228 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 767 states to 767 states and 897 transitions. [2022-11-23 14:14:29,229 INFO L78 Accepts]: Start accepts. Automaton has 767 states and 897 transitions. Word has length 67 [2022-11-23 14:14:29,229 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 14:14:29,229 INFO L495 AbstractCegarLoop]: Abstraction has 767 states and 897 transitions. [2022-11-23 14:14:29,230 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 30 states, 27 states have (on average 3.5555555555555554) internal successors, (96), 24 states have internal predecessors, (96), 12 states have call successors, (24), 11 states have call predecessors, (24), 10 states have return successors, (22), 9 states have call predecessors, (22), 12 states have call successors, (22) [2022-11-23 14:14:29,230 INFO L276 IsEmpty]: Start isEmpty. Operand 767 states and 897 transitions. [2022-11-23 14:14:29,232 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 122 [2022-11-23 14:14:29,232 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 14:14:29,233 INFO L195 NwaCegarLoop]: trace histogram [6, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 14:14:29,243 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_0c60c6ea-e915-40bc-9fb0-5f26e59e7187/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2022-11-23 14:14:29,448 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_0c60c6ea-e915-40bc-9fb0-5f26e59e7187/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable8 [2022-11-23 14:14:29,448 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 14:14:29,449 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 14:14:29,449 INFO L85 PathProgramCache]: Analyzing trace with hash 365085322, now seen corresponding path program 1 times [2022-11-23 14:14:29,449 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 14:14:29,449 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1942304720] [2022-11-23 14:14:29,449 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 14:14:29,450 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 14:14:29,489 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 14:14:30,532 INFO L134 CoverageAnalysis]: Checked inductivity of 149 backedges. 56 proven. 49 refuted. 0 times theorem prover too weak. 44 trivial. 0 not checked. [2022-11-23 14:14:30,532 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 14:14:30,533 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1942304720] [2022-11-23 14:14:30,533 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1942304720] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-23 14:14:30,533 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1868318848] [2022-11-23 14:14:30,533 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 14:14:30,533 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-23 14:14:30,534 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_0c60c6ea-e915-40bc-9fb0-5f26e59e7187/bin/utaipan-Q6hlc19bkW/z3 [2022-11-23 14:14:30,535 INFO L229 MonitoredProcess]: Starting monitored process 4 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_0c60c6ea-e915-40bc-9fb0-5f26e59e7187/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-23 14:14:30,559 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_0c60c6ea-e915-40bc-9fb0-5f26e59e7187/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2022-11-23 14:14:30,672 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 14:14:30,675 INFO L263 TraceCheckSpWp]: Trace formula consists of 468 conjuncts, 39 conjunts are in the unsatisfiable core [2022-11-23 14:14:30,680 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-23 14:14:31,454 INFO L134 CoverageAnalysis]: Checked inductivity of 149 backedges. 71 proven. 74 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2022-11-23 14:14:31,454 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-23 14:14:32,505 INFO L134 CoverageAnalysis]: Checked inductivity of 149 backedges. 79 proven. 32 refuted. 0 times theorem prover too weak. 38 trivial. 0 not checked. [2022-11-23 14:14:32,505 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1868318848] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-23 14:14:32,506 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [997655439] [2022-11-23 14:14:32,508 INFO L159 IcfgInterpreter]: Started Sifa with 47 locations of interest [2022-11-23 14:14:32,509 INFO L166 IcfgInterpreter]: Building call graph [2022-11-23 14:14:32,509 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-23 14:14:32,510 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-23 14:14:32,510 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-23 14:14:38,064 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 23 for LOIs [2022-11-23 14:14:38,067 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 43 for LOIs [2022-11-23 14:14:38,437 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 37 for LOIs [2022-11-23 14:14:38,597 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneLevelCritical with input of size 38 for LOIs [2022-11-23 14:14:38,604 INFO L197 IcfgInterpreter]: Interpreting procedure changeMethaneLevel with input of size 22 for LOIs [2022-11-23 14:14:38,606 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__base with input of size 40 for LOIs [2022-11-23 14:14:38,611 INFO L197 IcfgInterpreter]: Interpreting procedure deactivatePump with input of size 46 for LOIs [2022-11-23 14:14:38,616 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-23 14:14:45,327 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '14236#(and (= |timeShift_isPumpRunning_#res#1| |timeShift_isPumpRunning_~retValue_acc~5#1|) (= |timeShift___utac_acc__Specification1_spec__1_~tmp~0#1| ~methaneLevelCritical~0) (= ~head~0.offset 0) (<= |timeShift_isPumpRunning_#res#1| 2147483647) (= ~pumpRunning~0 |timeShift_isPumpRunning_~retValue_acc~5#1|) (= 1 ~systemActive~0) (= |timeShift_isPumpRunning_#res#1| |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1|) (= ~head~0.base 0) (= |#NULL.offset| 0) (not (= |timeShift___utac_acc__Specification1_spec__1_~tmp~0#1| 0)) (not (= |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1| 0)) (<= 0 (+ |timeShift_isPumpRunning_#res#1| 2147483648)) (<= 0 |timeShift___utac_acc__Specification1_spec__1_~tmp~0#1|) (<= 0 |#StackHeapBarrier|) (<= |timeShift___utac_acc__Specification1_spec__1_~tmp~0#1| 1) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-23 14:14:45,327 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-23 14:14:45,327 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-23 14:14:45,327 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [18, 18, 17] total 43 [2022-11-23 14:14:45,328 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [941107244] [2022-11-23 14:14:45,328 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-23 14:14:45,328 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 43 states [2022-11-23 14:14:45,329 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 14:14:45,329 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 43 interpolants. [2022-11-23 14:14:45,332 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=641, Invalid=4761, Unknown=0, NotChecked=0, Total=5402 [2022-11-23 14:14:45,332 INFO L87 Difference]: Start difference. First operand 767 states and 897 transitions. Second operand has 43 states, 40 states have (on average 4.525) internal successors, (181), 40 states have internal predecessors, (181), 25 states have call successors, (41), 12 states have call predecessors, (41), 17 states have return successors, (42), 20 states have call predecessors, (42), 25 states have call successors, (42) [2022-11-23 14:14:46,510 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 14:14:46,510 INFO L93 Difference]: Finished difference Result 1117 states and 1303 transitions. [2022-11-23 14:14:46,511 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 19 states. [2022-11-23 14:14:46,511 INFO L78 Accepts]: Start accepts. Automaton has has 43 states, 40 states have (on average 4.525) internal successors, (181), 40 states have internal predecessors, (181), 25 states have call successors, (41), 12 states have call predecessors, (41), 17 states have return successors, (42), 20 states have call predecessors, (42), 25 states have call successors, (42) Word has length 121 [2022-11-23 14:14:46,514 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 14:14:46,515 INFO L225 Difference]: With dead ends: 1117 [2022-11-23 14:14:46,515 INFO L226 Difference]: Without dead ends: 0 [2022-11-23 14:14:46,523 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 402 GetRequests, 279 SyntacticMatches, 35 SemanticMatches, 88 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 5552 ImplicationChecksByTransitivity, 8.1s TimeCoverageRelationStatistics Valid=1113, Invalid=6897, Unknown=0, NotChecked=0, Total=8010 [2022-11-23 14:14:46,524 INFO L413 NwaCegarLoop]: 48 mSDtfsCounter, 728 mSDsluCounter, 326 mSDsCounter, 0 mSdLazyCounter, 483 mSolverCounterSat, 423 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 729 SdHoareTripleChecker+Valid, 374 SdHoareTripleChecker+Invalid, 906 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 423 IncrementalHoareTripleChecker+Valid, 483 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.5s IncrementalHoareTripleChecker+Time [2022-11-23 14:14:46,526 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [729 Valid, 374 Invalid, 906 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [423 Valid, 483 Invalid, 0 Unknown, 0 Unchecked, 0.5s Time] [2022-11-23 14:14:46,526 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-11-23 14:14:46,526 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-11-23 14:14:46,527 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-23 14:14:46,527 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-11-23 14:14:46,527 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 121 [2022-11-23 14:14:46,527 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 14:14:46,527 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-11-23 14:14:46,528 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 43 states, 40 states have (on average 4.525) internal successors, (181), 40 states have internal predecessors, (181), 25 states have call successors, (41), 12 states have call predecessors, (41), 17 states have return successors, (42), 20 states have call predecessors, (42), 25 states have call successors, (42) [2022-11-23 14:14:46,528 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-11-23 14:14:46,528 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-11-23 14:14:46,532 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-11-23 14:14:46,542 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_0c60c6ea-e915-40bc-9fb0-5f26e59e7187/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Ended with exit code 0 [2022-11-23 14:14:46,737 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 4 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_0c60c6ea-e915-40bc-9fb0-5f26e59e7187/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2022-11-23 14:14:46,739 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-11-23 14:14:56,305 INFO L895 garLoopResultBuilder]: At program point deactivatePumpENTRY(lines 383 390) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse1 (and (not (= ~waterLevel~0 1)) (= |old(~pumpRunning~0)| 0))) (.cse2 (= 0 ~systemActive~0))) (and (or .cse0 .cse1 (not (= ~methaneLevelCritical~0 1)) .cse2) (or .cse0 (not (= ~methaneLevelCritical~0 0)) .cse1 .cse2))) [2022-11-23 14:14:56,306 INFO L899 garLoopResultBuilder]: For program point deactivatePumpEXIT(lines 383 390) no Hoare annotation was computed. [2022-11-23 14:14:56,306 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 298 304) no Hoare annotation was computed. [2022-11-23 14:14:56,306 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 298 304) the Hoare annotation is: true [2022-11-23 14:14:56,307 INFO L895 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 84 95) the Hoare annotation is: (let ((.cse10 (= |old(~methaneLevelCritical~0)| ~methaneLevelCritical~0)) (.cse0 (= ~methaneLevelCritical~0 1)) (.cse4 (not (= 0 ~systemActive~0))) (.cse12 (= ~pumpRunning~0 0))) (let ((.cse5 (not (= ~waterLevel~0 1))) (.cse9 (not (= |old(~methaneLevelCritical~0)| 0))) (.cse2 (not (<= 0 ~pumpRunning~0))) (.cse3 (not (<= ~pumpRunning~0 0))) (.cse6 (not .cse12)) (.cse7 (not (= 1 ~systemActive~0))) (.cse11 (not (= 2 ~waterLevel~0))) (.cse1 (not (= |old(~methaneLevelCritical~0)| 1))) (.cse8 (and .cse12 .cse10 .cse0 .cse4))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse5 .cse6 .cse7 .cse1 .cse8) (or .cse5 .cse9 .cse6 .cse7 .cse10) (or .cse9 .cse7 .cse11 .cse10) (or .cse9 .cse10 .cse2 .cse3 .cse4) (or .cse6 .cse7 .cse11 .cse1 .cse8)))) [2022-11-23 14:14:56,307 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 84 95) no Hoare annotation was computed. [2022-11-23 14:14:56,307 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 906 935) no Hoare annotation was computed. [2022-11-23 14:14:56,307 INFO L899 garLoopResultBuilder]: For program point L927(line 927) no Hoare annotation was computed. [2022-11-23 14:14:56,307 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 906 935) the Hoare annotation is: true [2022-11-23 14:14:56,307 INFO L899 garLoopResultBuilder]: For program point L920(lines 920 924) no Hoare annotation was computed. [2022-11-23 14:14:56,308 INFO L902 garLoopResultBuilder]: At program point L920-1(lines 920 924) the Hoare annotation is: true [2022-11-23 14:14:56,308 INFO L902 garLoopResultBuilder]: At program point L916-2(lines 916 930) the Hoare annotation is: true [2022-11-23 14:14:56,308 INFO L902 garLoopResultBuilder]: At program point L912(line 912) the Hoare annotation is: true [2022-11-23 14:14:56,308 INFO L899 garLoopResultBuilder]: For program point L912-1(line 912) no Hoare annotation was computed. [2022-11-23 14:14:56,308 INFO L902 garLoopResultBuilder]: At program point L931(lines 906 935) the Hoare annotation is: true [2022-11-23 14:14:56,309 INFO L895 garLoopResultBuilder]: At program point L193(line 193) the Hoare annotation is: (let ((.cse1 (not (= ~methaneLevelCritical~0 1))) (.cse3 (not (= 0 ~systemActive~0))) (.cse7 (not (= |old(~waterLevel~0)| 1))) (.cse0 (not (<= |old(~pumpRunning~0)| 0))) (.cse2 (not (<= 0 |old(~pumpRunning~0)|))) (.cse4 (not (= 1 ~systemActive~0))) (.cse5 (not (= ~methaneLevelCritical~0 0))) (.cse6 (not (= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 .cse3) (or (not (= |old(~pumpRunning~0)| 0)) .cse4 .cse5 .cse6) (or .cse7 .cse4 .cse0 .cse1 .cse2) (or .cse4 .cse1 .cse6) (or .cse0 .cse5 .cse2 .cse3) (or .cse7 .cse4 .cse0 .cse5 .cse2) (or .cse4 .cse5 (not (= |old(~pumpRunning~0)| 1)) .cse6))) [2022-11-23 14:14:56,309 INFO L895 garLoopResultBuilder]: At program point L346(line 346) the Hoare annotation is: (let ((.cse1 (not (= ~methaneLevelCritical~0 1))) (.cse3 (not (= 0 ~systemActive~0))) (.cse7 (not (= |old(~waterLevel~0)| 1))) (.cse0 (not (<= |old(~pumpRunning~0)| 0))) (.cse2 (not (<= 0 |old(~pumpRunning~0)|))) (.cse4 (not (= 1 ~systemActive~0))) (.cse5 (not (= ~methaneLevelCritical~0 0))) (.cse6 (not (= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 .cse3) (or (not (= |old(~pumpRunning~0)| 0)) .cse4 .cse5 .cse6) (or .cse7 .cse4 .cse0 .cse1 .cse2) (or .cse4 .cse1 .cse6) (or .cse0 .cse5 .cse2 .cse3) (or .cse7 .cse4 .cse0 .cse5 .cse2) (or .cse4 .cse5 (not (= |old(~pumpRunning~0)| 1)) .cse6))) [2022-11-23 14:14:56,310 INFO L895 garLoopResultBuilder]: At program point L342(line 342) the Hoare annotation is: (let ((.cse1 (not (= ~methaneLevelCritical~0 1))) (.cse3 (not (= 0 ~systemActive~0))) (.cse6 (not (= |old(~waterLevel~0)| 2))) (.cse8 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse9 (= |timeShift_processEnvironment_~tmp~3#1| 1)) (.cse10 (= ~waterLevel~0 1)) (.cse7 (not (= |old(~waterLevel~0)| 1))) (.cse4 (not (= 1 ~systemActive~0))) (.cse0 (not (<= |old(~pumpRunning~0)| 0))) (.cse5 (not (= ~methaneLevelCritical~0 0))) (.cse2 (not (<= 0 |old(~pumpRunning~0)|)))) (and (or .cse0 .cse1 .cse2 .cse3) (or (not (= |old(~pumpRunning~0)| 0)) .cse4 .cse5 .cse6) (or .cse7 .cse4 .cse0 .cse1 .cse2) (or (and .cse8 (not (= ~pumpRunning~0 0)) .cse9 .cse10) .cse4 .cse1 .cse6) (or .cse0 .cse5 .cse2 .cse3) (or .cse4 .cse5 (not (= |old(~pumpRunning~0)| 1)) .cse6 (and .cse8 .cse9 .cse10)) (or .cse7 .cse4 .cse0 .cse5 .cse2))) [2022-11-23 14:14:56,310 INFO L895 garLoopResultBuilder]: At program point L169(line 169) the Hoare annotation is: (let ((.cse16 (= 1 ~systemActive~0)) (.cse15 (= ~methaneLevelCritical~0 1)) (.cse14 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse11 (= ~pumpRunning~0 0)) (.cse13 (= ~waterLevel~0 1))) (let ((.cse6 (and .cse11 (= |timeShift_processEnvironment_~tmp~3#1| 1) .cse13)) (.cse3 (and .cse11 .cse13)) (.cse8 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse11 (= 2 ~waterLevel~0) .cse16 .cse15 .cse14)) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (not .cse16)) (.cse5 (not (= ~methaneLevelCritical~0 0))) (.cse7 (not (= |old(~waterLevel~0)| 2))) (.cse1 (not (= |old(~waterLevel~0)| 1))) (.cse9 (not (<= |old(~pumpRunning~0)| 0))) (.cse4 (not .cse15)) (.cse10 (not (<= 0 |old(~pumpRunning~0)|))) (.cse12 (not (= 0 ~systemActive~0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse2 .cse5 (not (= |old(~pumpRunning~0)| 1)) .cse6 .cse7) (or .cse2 .cse6 .cse4 .cse7 .cse8) (or .cse1 .cse2 .cse9 .cse5 .cse3 .cse10) (or .cse11 .cse9 .cse5 .cse10 .cse12) (or .cse0 .cse2 .cse4 .cse7 .cse8) (or .cse1 .cse9 .cse5 .cse13 .cse10 .cse12) (or .cse11 .cse9 .cse4 .cse10 .cse12) (or .cse0 .cse2 .cse5 .cse7 (and .cse14 (= ~pumpRunning~0 1))) (or .cse1 .cse9 .cse4 .cse13 .cse10 .cse12)))) [2022-11-23 14:14:56,310 INFO L899 garLoopResultBuilder]: For program point L169-1(line 169) no Hoare annotation was computed. [2022-11-23 14:14:56,311 INFO L895 garLoopResultBuilder]: At program point L351(line 351) the Hoare annotation is: (let ((.cse8 (= ~pumpRunning~0 0))) (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= |old(~waterLevel~0)| 1))) (.cse3 (and .cse8 (= ~waterLevel~0 1))) (.cse5 (not (<= |old(~pumpRunning~0)| 0))) (.cse6 (not (<= 0 |old(~pumpRunning~0)|))) (.cse7 (not (= 0 ~systemActive~0))) (.cse9 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse4 (not (= ~methaneLevelCritical~0 1))) (.cse2 (not (= 1 ~systemActive~0))) (.cse10 (not (= ~methaneLevelCritical~0 0))) (.cse11 (not (= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse5 .cse4 .cse6 .cse7) (or .cse0 (and .cse8 .cse9) .cse2 .cse10 .cse11) (or .cse1 .cse2 .cse5 .cse10 .cse3 .cse6) (or .cse5 .cse10 .cse6 .cse7) (or .cse2 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse8 .cse9) .cse4 .cse11) (or .cse2 .cse10 (not (= |old(~pumpRunning~0)| 1)) .cse11)))) [2022-11-23 14:14:56,311 INFO L895 garLoopResultBuilder]: At program point L351-1(lines 332 356) the Hoare annotation is: (let ((.cse13 (= 1 ~systemActive~0)) (.cse12 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse15 (= ~methaneLevelCritical~0 1)) (.cse14 (= ~pumpRunning~0 0)) (.cse16 (= ~waterLevel~0 1))) (let ((.cse6 (and .cse14 (= |timeShift_processEnvironment_~tmp~3#1| 1) .cse16)) (.cse1 (not (= |old(~waterLevel~0)| 1))) (.cse3 (and .cse14 .cse16)) (.cse4 (not .cse15)) (.cse11 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse14 (= 2 ~waterLevel~0) .cse13 .cse15 .cse12)) (.cse8 (not (<= |old(~pumpRunning~0)| 0))) (.cse9 (not (<= 0 |old(~pumpRunning~0)|))) (.cse10 (not (= 0 ~systemActive~0))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (not .cse13)) (.cse5 (not (= ~methaneLevelCritical~0 0))) (.cse7 (not (= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse2 .cse5 (not (= |old(~pumpRunning~0)| 1)) .cse6 .cse7) (or .cse8 .cse4 .cse9 .cse10) (or .cse2 .cse6 .cse4 .cse7 .cse11) (or .cse1 .cse2 .cse8 .cse5 .cse3 .cse9) (or .cse0 .cse2 .cse4 .cse7 .cse11) (or .cse8 .cse5 .cse9 .cse10) (or .cse0 .cse2 .cse5 .cse7 (and .cse12 (= ~pumpRunning~0 1)))))) [2022-11-23 14:14:56,311 INFO L899 garLoopResultBuilder]: For program point L285-1(lines 285 291) no Hoare annotation was computed. [2022-11-23 14:14:56,312 INFO L899 garLoopResultBuilder]: For program point L278-1(lines 277 296) no Hoare annotation was computed. [2022-11-23 14:14:56,316 INFO L899 garLoopResultBuilder]: For program point L340(lines 340 348) no Hoare annotation was computed. [2022-11-23 14:14:56,317 INFO L895 garLoopResultBuilder]: At program point L336(lines 336 353) the Hoare annotation is: (let ((.cse12 (= ~pumpRunning~0 0))) (let ((.cse8 (and .cse12 (= |old(~waterLevel~0)| ~waterLevel~0)))) (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= |old(~waterLevel~0)| 1))) (.cse3 (and .cse12 (= ~waterLevel~0 1))) (.cse5 (not (<= |old(~pumpRunning~0)| 0))) (.cse9 (not (= ~methaneLevelCritical~0 0))) (.cse6 (not (<= 0 |old(~pumpRunning~0)|))) (.cse7 (not (= 0 ~systemActive~0))) (.cse2 (not (= 1 ~systemActive~0))) (.cse11 (or .cse8 (and (not .cse12) (= |old(~waterLevel~0)| (+ ~waterLevel~0 1))))) (.cse4 (not (= ~methaneLevelCritical~0 1))) (.cse10 (not (= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse5 .cse4 .cse6 .cse7) (or .cse0 .cse8 .cse2 .cse9 .cse10) (or .cse2 .cse9 (not (= |old(~pumpRunning~0)| 1)) .cse10 (and .cse11 (= ~pumpRunning~0 1))) (or .cse1 .cse2 .cse5 .cse9 .cse3 .cse6) (or .cse5 .cse9 .cse6 .cse7) (or .cse2 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse11) .cse4 .cse10))))) [2022-11-23 14:14:56,317 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 274 297) the Hoare annotation is: (let ((.cse16 (= ~pumpRunning~0 0)) (.cse15 (= ~waterLevel~0 1)) (.cse12 (<= ~pumpRunning~0 0)) (.cse13 (<= 0 ~pumpRunning~0))) (let ((.cse8 (not (= |old(~pumpRunning~0)| 0))) (.cse4 (and .cse12 .cse13)) (.cse3 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse2 (not (= |old(~waterLevel~0)| 2))) (.cse0 (not (= 1 ~systemActive~0))) (.cse10 (and .cse16 .cse15)) (.cse1 (not (= ~methaneLevelCritical~0 0))) (.cse14 (not .cse16)) (.cse9 (not (= |old(~waterLevel~0)| 1))) (.cse5 (not (<= |old(~pumpRunning~0)| 0))) (.cse11 (not (= ~methaneLevelCritical~0 1))) (.cse6 (not (<= 0 |old(~pumpRunning~0)|))) (.cse7 (not (= 0 ~systemActive~0)))) (and (or .cse0 .cse1 (not (= |old(~pumpRunning~0)| 1)) .cse2 (and .cse3 (= ~pumpRunning~0 1))) (or .cse4 .cse5 .cse1 .cse6 .cse7) (or .cse8 .cse9 .cse0 .cse10 .cse11) (or .cse8 .cse0 (and .cse12 .cse3 .cse13) .cse1 .cse2) (or .cse4 .cse5 .cse11 .cse6 .cse7) (or .cse0 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse3) .cse11 .cse2) (or .cse9 .cse0 .cse5 .cse1 .cse10 .cse6) (or .cse14 .cse9 .cse5 .cse1 .cse15 .cse6 .cse7) (or .cse14 .cse9 .cse5 .cse11 .cse15 .cse6 .cse7)))) [2022-11-23 14:14:56,317 INFO L899 garLoopResultBuilder]: For program point L175(lines 175 181) no Hoare annotation was computed. [2022-11-23 14:14:56,318 INFO L895 garLoopResultBuilder]: At program point L171(lines 171 184) the Hoare annotation is: (let ((.cse11 (= |timeShift___utac_acc__Specification1_spec__1_~tmp~0#1| 0))) (let ((.cse16 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse3 (= ~pumpRunning~0 0)) (.cse19 (= 1 ~systemActive~0)) (.cse17 (= ~methaneLevelCritical~0 1)) (.cse18 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse15 (not .cse11))) (let ((.cse8 (and .cse16 .cse3 (= 2 ~waterLevel~0) .cse19 .cse17 .cse18 .cse15)) (.cse4 (= |timeShift_processEnvironment_~tmp~3#1| 1)) (.cse7 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (not .cse19)) (.cse1 (not (= ~methaneLevelCritical~0 0))) (.cse2 (not (= |old(~pumpRunning~0)| 1))) (.cse6 (not (= |old(~waterLevel~0)| 2))) (.cse10 (not (= |old(~waterLevel~0)| 1))) (.cse12 (not (<= |old(~pumpRunning~0)| 0))) (.cse9 (not .cse17)) (.cse5 (= ~waterLevel~0 1)) (.cse13 (not (<= 0 |old(~pumpRunning~0)|))) (.cse14 (not (= 0 ~systemActive~0)))) (and (or .cse0 .cse1 .cse2 (and .cse3 .cse4 .cse5) .cse6) (or .cse7 .cse0 .cse8 .cse9 .cse6) (or .cse10 .cse0 (and .cse3 .cse11 .cse5) .cse12 .cse1 .cse13) (or .cse12 (and .cse3 .cse11) .cse1 .cse13 .cse14) (or .cse0 .cse8 .cse9 (and .cse3 .cse4 .cse5 .cse15) .cse6) (or .cse7 .cse10 .cse0 (and .cse16 .cse3 .cse17 .cse5 .cse15) .cse9) (or .cse10 .cse12 .cse1 .cse5 .cse13 .cse14) (or .cse7 .cse0 .cse1 (and .cse11 .cse18 (= ~pumpRunning~0 1)) .cse6) (or (and .cse3 .cse15) .cse12 .cse9 .cse13 .cse14) (or .cse11 .cse0 .cse1 .cse2 .cse6) (or .cse10 .cse12 .cse9 .cse5 .cse13 .cse14))))) [2022-11-23 14:14:56,318 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 274 297) no Hoare annotation was computed. [2022-11-23 14:14:56,318 INFO L895 garLoopResultBuilder]: At program point L171-1(lines 163 187) the Hoare annotation is: (let ((.cse6 (= |timeShift___utac_acc__Specification1_spec__1_~tmp~0#1| 0))) (let ((.cse0 (<= ~pumpRunning~0 0)) (.cse22 (= 1 ~systemActive~0)) (.cse21 (= ~methaneLevelCritical~0 1)) (.cse12 (<= |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1| 0)) (.cse13 (< 0 (+ |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1| 1))) (.cse20 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse1 (<= 0 ~pumpRunning~0)) (.cse14 (not .cse6)) (.cse5 (not (= 0 ~systemActive~0)))) (let ((.cse9 (= ~pumpRunning~0 0)) (.cse11 (= |timeShift_processEnvironment_~tmp~3#1| 1)) (.cse17 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (= 2 ~waterLevel~0) .cse22 .cse21 .cse12 .cse13 .cse20 .cse1 .cse14 .cse5)) (.cse19 (not (= |old(~pumpRunning~0)| 0))) (.cse3 (not (= ~methaneLevelCritical~0 0))) (.cse18 (not (= |old(~pumpRunning~0)| 1))) (.cse16 (not (= |old(~waterLevel~0)| 2))) (.cse8 (not .cse22)) (.cse7 (not (= |old(~waterLevel~0)| 1))) (.cse2 (not (<= |old(~pumpRunning~0)| 0))) (.cse15 (not .cse21)) (.cse10 (= ~waterLevel~0 1)) (.cse4 (not (<= 0 |old(~pumpRunning~0)|)))) (and (or (and .cse0 .cse1) .cse2 .cse3 .cse4 .cse5) (or .cse6 .cse2 .cse3 .cse4 .cse5) (or .cse7 .cse8 (and .cse9 .cse6 .cse10) .cse2 .cse3 .cse4) (or .cse8 (and .cse9 .cse11 .cse12 .cse13 .cse10 .cse14) .cse15 .cse16 .cse17) (or .cse8 .cse3 .cse18 .cse16 (and .cse0 .cse11 .cse1 .cse10 .cse5)) (or .cse19 .cse8 .cse15 .cse16 .cse17) (or .cse2 .cse15 .cse4 (and .cse0 .cse12 .cse13 .cse1 .cse14) .cse5) (or .cse7 .cse2 .cse3 .cse10 .cse4 .cse5) (or .cse19 .cse8 .cse3 (and .cse6 .cse20 (= ~pumpRunning~0 1)) .cse16) (or .cse6 .cse8 .cse3 .cse18 .cse16) (or .cse7 .cse8 .cse2 (and .cse0 .cse12 .cse13 .cse1 .cse10 .cse14 .cse5) .cse15 .cse4) (or .cse7 .cse2 .cse15 .cse10 .cse4 .cse5))))) [2022-11-23 14:14:56,318 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 193) no Hoare annotation was computed. [2022-11-23 14:14:56,318 INFO L902 garLoopResultBuilder]: At program point isMethaneLevelCriticalENTRY(lines 96 104) the Hoare annotation is: true [2022-11-23 14:14:56,319 INFO L899 garLoopResultBuilder]: For program point isMethaneLevelCriticalEXIT(lines 96 104) no Hoare annotation was computed. [2022-11-23 14:14:56,319 INFO L899 garLoopResultBuilder]: For program point L221(lines 221 227) no Hoare annotation was computed. [2022-11-23 14:14:56,319 INFO L899 garLoopResultBuilder]: For program point L221-1(lines 221 227) no Hoare annotation was computed. [2022-11-23 14:14:56,319 INFO L895 garLoopResultBuilder]: At program point L259(lines 210 260) the Hoare annotation is: false [2022-11-23 14:14:56,319 INFO L902 garLoopResultBuilder]: At program point ULTIMATE.startENTRY(line -1) the Hoare annotation is: true [2022-11-23 14:14:56,319 INFO L899 garLoopResultBuilder]: For program point L247(lines 247 253) no Hoare annotation was computed. [2022-11-23 14:14:56,319 INFO L895 garLoopResultBuilder]: At program point L247-2(lines 241 254) the Hoare annotation is: (let ((.cse10 (= 0 ~systemActive~0))) (let ((.cse0 (= 2 ~waterLevel~0)) (.cse8 (= ~pumpRunning~0 0)) (.cse2 (= 1 ~systemActive~0)) (.cse7 (= ~methaneLevelCritical~0 1)) (.cse9 (= ~waterLevel~0 1)) (.cse4 (not .cse10)) (.cse5 (<= ~pumpRunning~0 0)) (.cse1 (= ~methaneLevelCritical~0 0)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse6 (<= 0 ~pumpRunning~0))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 (= ~pumpRunning~0 1)) (and .cse5 .cse0 .cse1 .cse2 .cse3 .cse6 .cse4) (and .cse0 .cse2 .cse7 .cse3 .cse4) (and .cse8 .cse1 .cse2 .cse3 .cse9 .cse4) (and .cse5 .cse7 .cse3 .cse6 .cse10) (and .cse8 .cse2 .cse7 .cse3 .cse9 .cse4) (and .cse5 .cse1 .cse3 .cse6 .cse10)))) [2022-11-23 14:14:56,319 INFO L895 garLoopResultBuilder]: At program point L491(line 491) the Hoare annotation is: (let ((.cse2 (not (= ~pumpRunning~0 0)))) (let ((.cse0 (or .cse2 (= ~waterLevel~0 1))) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (not (= 0 ~systemActive~0)))) (or (and (= ~methaneLevelCritical~0 1) .cse0 .cse1 (or .cse2 (not (= |isMethaneLevelCritical_#res| 0))) .cse3) (and (= ~methaneLevelCritical~0 0) .cse0 .cse1 .cse3)))) [2022-11-23 14:14:56,320 INFO L899 garLoopResultBuilder]: For program point L231(lines 231 237) no Hoare annotation was computed. [2022-11-23 14:14:56,320 INFO L899 garLoopResultBuilder]: For program point L231-1(lines 231 237) no Hoare annotation was computed. [2022-11-23 14:14:56,320 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-11-23 14:14:56,320 INFO L895 garLoopResultBuilder]: At program point L256(lines 211 258) the Hoare annotation is: (let ((.cse8 (= 0 ~systemActive~0))) (let ((.cse1 (= 2 ~waterLevel~0)) (.cse6 (= ~methaneLevelCritical~0 0)) (.cse2 (= 1 ~systemActive~0)) (.cse7 (= ~waterLevel~0 1)) (.cse5 (not .cse8)) (.cse0 (= ~pumpRunning~0 0)) (.cse3 (= ~methaneLevelCritical~0 1)) (.cse4 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (and .cse1 .cse6 .cse2 .cse4 .cse5 (= ~pumpRunning~0 1)) (and .cse0 .cse6 .cse2 .cse4 .cse7 .cse5) (and .cse0 .cse6 .cse4 .cse8) (and .cse0 .cse2 .cse3 .cse4 .cse7 .cse5) (and .cse0 .cse3 .cse4 .cse8)))) [2022-11-23 14:14:56,320 INFO L895 garLoopResultBuilder]: At program point L223(line 223) the Hoare annotation is: (let ((.cse10 (= 0 ~systemActive~0))) (let ((.cse9 (= ~waterLevel~0 1)) (.cse0 (= 2 ~waterLevel~0)) (.cse6 (< 0 ~waterLevel~0)) (.cse2 (= 1 ~systemActive~0)) (.cse4 (not .cse10)) (.cse7 (= ~methaneLevelCritical~0 1)) (.cse5 (<= ~pumpRunning~0 0)) (.cse1 (= ~methaneLevelCritical~0 0)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse8 (<= 0 ~pumpRunning~0))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 (= ~pumpRunning~0 1)) (and .cse5 .cse6 .cse2 .cse7 .cse3 .cse8 .cse9 .cse4) (and (= ~pumpRunning~0 0) .cse1 .cse2 .cse3 .cse9 .cse4) (and .cse5 .cse0 .cse6 .cse2 .cse7 .cse3 .cse8 .cse4) (and .cse5 .cse7 .cse3 .cse8 .cse10) (and .cse5 .cse1 .cse3 .cse8 .cse10)))) [2022-11-23 14:14:56,320 INFO L895 garLoopResultBuilder]: At program point L987(lines 987 994) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~methaneLevelCritical~0 0) (= |ULTIMATE.start_main_~tmp~10#1| ~systemActive~0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-23 14:14:56,320 INFO L902 garLoopResultBuilder]: At program point L987-2(lines 987 994) the Hoare annotation is: true [2022-11-23 14:14:56,320 INFO L899 garLoopResultBuilder]: For program point L212(lines 211 258) no Hoare annotation was computed. [2022-11-23 14:14:56,321 INFO L899 garLoopResultBuilder]: For program point L241(lines 241 254) no Hoare annotation was computed. [2022-11-23 14:14:56,321 INFO L895 garLoopResultBuilder]: At program point L233(line 233) the Hoare annotation is: (let ((.cse8 (= 0 ~systemActive~0))) (let ((.cse1 (= 2 ~waterLevel~0)) (.cse6 (= ~methaneLevelCritical~0 0)) (.cse2 (= 1 ~systemActive~0)) (.cse7 (= ~waterLevel~0 1)) (.cse5 (not .cse8)) (.cse0 (= ~pumpRunning~0 0)) (.cse3 (= ~methaneLevelCritical~0 1)) (.cse4 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (and .cse0 .cse6 .cse2 .cse4 .cse7 .cse5) (and .cse0 .cse6 .cse4 .cse8) (and .cse1 .cse6 .cse2 .cse4 .cse5) (and .cse0 .cse2 .cse3 .cse4 .cse7 .cse5) (and .cse0 .cse3 .cse4 .cse8)))) [2022-11-23 14:14:56,321 INFO L899 garLoopResultBuilder]: For program point L489(lines 489 495) no Hoare annotation was computed. [2022-11-23 14:14:56,321 INFO L895 garLoopResultBuilder]: At program point L489-1(lines 489 495) the Hoare annotation is: (let ((.cse0 (<= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse2 (<= 0 ~pumpRunning~0))) (or (and .cse0 (= ~methaneLevelCritical~0 1) .cse1 .cse2) (and .cse0 (= ~methaneLevelCritical~0 0) .cse1 .cse2))) [2022-11-23 14:14:56,321 INFO L902 garLoopResultBuilder]: At program point L262(lines 201 266) the Hoare annotation is: true [2022-11-23 14:14:56,321 INFO L895 garLoopResultBuilder]: At program point processEnvironment__wrappee__highWaterSensorENTRY(lines 306 330) the Hoare annotation is: (let ((.cse0 (not (= ~waterLevel~0 1))) (.cse6 (not (= ~methaneLevelCritical~0 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (not (= 1 ~systemActive~0))) (.cse7 (not (= 2 ~waterLevel~0))) (.cse3 (not (<= |old(~pumpRunning~0)| 0))) (.cse4 (not (= ~methaneLevelCritical~0 1))) (.cse5 (not (<= 0 |old(~pumpRunning~0)|)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (or .cse0 .cse1 .cse2 .cse3 .cse6 .cse5) (or .cse1 .cse2 .cse7 .cse3 .cse6 .cse5) (or .cse1 .cse2 .cse7 .cse3 .cse4 .cse5))) [2022-11-23 14:14:56,321 INFO L895 garLoopResultBuilder]: At program point L320(line 320) the Hoare annotation is: (let ((.cse3 (not (= ~methaneLevelCritical~0 1))) (.cse0 (not (= ~waterLevel~0 1))) (.cse5 (and (= ~pumpRunning~0 0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~2#1| 0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse6 (not (= 2 ~waterLevel~0))) (.cse2 (not (<= |old(~pumpRunning~0)| 0))) (.cse7 (not (= ~methaneLevelCritical~0 0))) (.cse4 (not (<= 0 |old(~pumpRunning~0)|)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (or .cse1 .cse6 .cse2 .cse3 .cse4) (or .cse0 .cse1 .cse2 .cse7 .cse4 .cse5) (or .cse1 .cse6 .cse2 .cse7 .cse4))) [2022-11-23 14:14:56,322 INFO L899 garLoopResultBuilder]: For program point L314(lines 314 322) no Hoare annotation was computed. [2022-11-23 14:14:56,322 INFO L895 garLoopResultBuilder]: At program point L310(lines 310 327) the Hoare annotation is: (let ((.cse0 (not (= ~waterLevel~0 1))) (.cse6 (not (= ~methaneLevelCritical~0 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (not (= 1 ~systemActive~0))) (.cse7 (not (= 2 ~waterLevel~0))) (.cse3 (not (<= |old(~pumpRunning~0)| 0))) (.cse4 (not (= ~methaneLevelCritical~0 1))) (.cse5 (not (<= 0 |old(~pumpRunning~0)|)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (or .cse0 .cse1 .cse2 .cse3 .cse6 .cse5) (or .cse1 .cse2 .cse7 .cse3 .cse6 .cse5) (or .cse1 .cse2 .cse7 .cse3 .cse4 .cse5))) [2022-11-23 14:14:56,322 INFO L895 garLoopResultBuilder]: At program point L325(line 325) the Hoare annotation is: (let ((.cse5 (not (= 2 ~waterLevel~0))) (.cse3 (not (= ~methaneLevelCritical~0 0))) (.cse0 (not (= ~waterLevel~0 1))) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not (<= |old(~pumpRunning~0)| 0))) (.cse6 (not (= ~methaneLevelCritical~0 1))) (.cse4 (not (<= 0 |old(~pumpRunning~0)|)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse1 .cse5 .cse2 .cse6 .cse4) (or .cse1 .cse5 .cse2 .cse3 .cse4) (or .cse0 .cse1 .cse2 .cse6 .cse4))) [2022-11-23 14:14:56,322 INFO L899 garLoopResultBuilder]: For program point L325-1(lines 306 330) no Hoare annotation was computed. [2022-11-23 14:14:56,322 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__highWaterSensorEXIT(lines 306 330) no Hoare annotation was computed. [2022-11-23 14:14:56,322 INFO L895 garLoopResultBuilder]: At program point L396(line 396) the Hoare annotation is: (let ((.cse5 (not (= 2 ~waterLevel~0))) (.cse6 (and (= ~pumpRunning~0 0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~2#1| 1))) (.cse3 (not (= ~methaneLevelCritical~0 0))) (.cse0 (not (= ~waterLevel~0 1))) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not (<= |old(~pumpRunning~0)| 0))) (.cse7 (not (= ~methaneLevelCritical~0 1))) (.cse4 (not (<= 0 |old(~pumpRunning~0)|)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse1 .cse5 .cse2 .cse6 .cse7 .cse4) (or .cse1 .cse5 .cse2 .cse6 .cse3 .cse4) (or .cse0 .cse1 .cse2 .cse7 .cse4))) [2022-11-23 14:14:56,323 INFO L895 garLoopResultBuilder]: At program point L396-1(line 396) the Hoare annotation is: (let ((.cse1 (not (= 2 ~waterLevel~0))) (.cse7 (not (= ~methaneLevelCritical~0 0))) (.cse5 (and (= |processEnvironment__wrappee__highWaterSensor_isMethaneAlarm_#t~ret18#1| ~methaneLevelCritical~0) (= ~pumpRunning~0 0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~2#1| 1))) (.cse6 (not (= ~waterLevel~0 1))) (.cse0 (not (= 1 ~systemActive~0))) (.cse2 (not (<= |old(~pumpRunning~0)| 0))) (.cse3 (not (= ~methaneLevelCritical~0 1))) (.cse4 (not (<= 0 |old(~pumpRunning~0)|)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (or .cse6 .cse0 .cse2 .cse7 .cse4) (or .cse0 .cse1 .cse2 .cse7 .cse4 .cse5) (or .cse6 .cse0 .cse2 .cse3 .cse4))) [2022-11-23 14:14:56,323 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 72 83) no Hoare annotation was computed. [2022-11-23 14:14:56,323 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 72 83) the Hoare annotation is: (let ((.cse1 (not (= |old(~waterLevel~0)| 1))) (.cse5 (= ~waterLevel~0 1)) (.cse6 (not (= ~methaneLevelCritical~0 0))) (.cse0 (not (= ~pumpRunning~0 0))) (.cse2 (not (= 1 ~systemActive~0))) (.cse3 (not (< 0 |old(~waterLevel~0)|))) (.cse4 (not (= ~methaneLevelCritical~0 1))) (.cse7 (not (= |old(~waterLevel~0)| 2))) (.cse8 (= |old(~waterLevel~0)| ~waterLevel~0))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (or .cse1 .cse2 .cse6 (not (<= 0 ~pumpRunning~0)) .cse5 (not (<= ~pumpRunning~0 0))) (or .cse2 .cse6 (not (= ~pumpRunning~0 1)) .cse7 .cse8) (or .cse0 .cse2 .cse3 .cse4 .cse7 .cse8))) [2022-11-23 14:14:56,327 INFO L444 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 14:14:56,329 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2022-11-23 14:14:56,397 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 23.11 02:14:56 BoogieIcfgContainer [2022-11-23 14:14:56,406 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-11-23 14:14:56,406 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-11-23 14:14:56,407 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-11-23 14:14:56,407 INFO L275 PluginConnector]: Witness Printer initialized [2022-11-23 14:14:56,408 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 23.11 02:13:46" (3/4) ... [2022-11-23 14:14:56,411 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-11-23 14:14:56,417 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2022-11-23 14:14:56,417 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-11-23 14:14:56,418 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-11-23 14:14:56,418 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-11-23 14:14:56,418 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-11-23 14:14:56,418 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneLevelCritical [2022-11-23 14:14:56,419 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2022-11-23 14:14:56,419 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-11-23 14:14:56,431 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 49 nodes and edges [2022-11-23 14:14:56,433 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 14 nodes and edges [2022-11-23 14:14:56,434 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-11-23 14:14:56,435 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-23 14:14:56,435 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-23 14:14:56,467 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2)) || (\old(waterLevel) == waterLevel && pumpRunning == 1)) && (((((pumpRunning <= 0 && 0 <= pumpRunning) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (pumpRunning == 0 && waterLevel == 1)) || !(methaneLevelCritical == 1))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((pumpRunning <= 0 && \old(waterLevel) == waterLevel) && 0 <= pumpRunning)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 2))) && (((((pumpRunning <= 0 && 0 <= pumpRunning) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 1)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && (((!(1 == systemActive) || (pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2))) && (((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || (pumpRunning == 0 && waterLevel == 1)) || !(0 <= \old(pumpRunning)))) && ((((((!(pumpRunning == 0) || !(\old(waterLevel) == 1)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || waterLevel == 1) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && ((((((!(pumpRunning == 0) || !(\old(waterLevel) == 1)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 1)) || waterLevel == 1) || !(0 <= \old(pumpRunning))) || !(0 == systemActive)) [2022-11-23 14:14:56,468 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (pumpRunning == 0 && waterLevel == 1)) || !(methaneLevelCritical == 1)) && (((!(\old(pumpRunning) <= 0) || !(methaneLevelCritical == 1)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 2))) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2)) || (((pumpRunning == 0 && \old(waterLevel) == waterLevel) || (!(pumpRunning == 0) && \old(waterLevel) == waterLevel + 1)) && pumpRunning == 1))) && (((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || (pumpRunning == 0 && waterLevel == 1)) || !(0 <= \old(pumpRunning)))) && (((!(\old(pumpRunning) <= 0) || !(methaneLevelCritical == 0)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && (((!(1 == systemActive) || (pumpRunning == \old(pumpRunning) && ((pumpRunning == 0 && \old(waterLevel) == waterLevel) || (!(pumpRunning == 0) && \old(waterLevel) == waterLevel + 1)))) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) [2022-11-23 14:14:56,469 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (pumpRunning == 0 && waterLevel == 1)) || !(methaneLevelCritical == 1)) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || ((pumpRunning == 0 && tmp == 1) && waterLevel == 1)) || !(\old(waterLevel) == 2))) && (((!(\old(pumpRunning) <= 0) || !(methaneLevelCritical == 1)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && ((((!(1 == systemActive) || ((pumpRunning == 0 && tmp == 1) && waterLevel == 1)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || (((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && 2 == waterLevel) && 1 == systemActive) && methaneLevelCritical == 1) && \old(waterLevel) == waterLevel))) && (((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || (pumpRunning == 0 && waterLevel == 1)) || !(0 <= \old(pumpRunning)))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || (((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && 2 == waterLevel) && 1 == systemActive) && methaneLevelCritical == 1) && \old(waterLevel) == waterLevel))) && (((!(\old(pumpRunning) <= 0) || !(methaneLevelCritical == 0)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 2)) || (\old(waterLevel) == waterLevel && pumpRunning == 1)) [2022-11-23 14:14:56,469 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!(waterLevel == 1) || pumpRunning == 0) || !(1 == systemActive)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 1)) || !(0 <= \old(pumpRunning))) && (((((!(waterLevel == 1) || pumpRunning == 0) || !(1 == systemActive)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || !(0 <= \old(pumpRunning)))) && (((((pumpRunning == 0 || !(1 == systemActive)) || !(2 == waterLevel)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || !(0 <= \old(pumpRunning)))) && (((((pumpRunning == 0 || !(1 == systemActive)) || !(2 == waterLevel)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 1)) || !(0 <= \old(pumpRunning))) [2022-11-23 14:14:56,471 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || ((pumpRunning == 0 && tmp == 1) && waterLevel == 1)) || !(\old(waterLevel) == 2)) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && 2 == waterLevel) && 1 == systemActive) && methaneLevelCritical == 1) && \old(waterLevel) == waterLevel) && !(tmp == 0))) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2))) && (((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || ((pumpRunning == 0 && tmp == 0) && waterLevel == 1)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || !(0 <= \old(pumpRunning)))) && ((((!(\old(pumpRunning) <= 0) || (pumpRunning == 0 && tmp == 0)) || !(methaneLevelCritical == 0)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && ((((!(1 == systemActive) || ((((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && 2 == waterLevel) && 1 == systemActive) && methaneLevelCritical == 1) && \old(waterLevel) == waterLevel) && !(tmp == 0))) || !(methaneLevelCritical == 1)) || (((pumpRunning == 0 && tmp == 1) && waterLevel == 1) && !(tmp == 0))) || !(\old(waterLevel) == 2))) && ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || ((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && methaneLevelCritical == 1) && waterLevel == 1) && !(tmp == 0))) || !(methaneLevelCritical == 1))) && (((((!(\old(waterLevel) == 1) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || waterLevel == 1) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || ((tmp == 0 && \old(waterLevel) == waterLevel) && pumpRunning == 1)) || !(\old(waterLevel) == 2))) && (((((pumpRunning == 0 && !(tmp == 0)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 1)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && ((((tmp == 0 || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2))) && (((((!(\old(waterLevel) == 1) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 1)) || waterLevel == 1) || !(0 <= \old(pumpRunning))) || !(0 == systemActive)) [2022-11-23 14:14:56,471 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((((((((pumpRunning <= 0 && 0 <= pumpRunning) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive)) && ((((tmp == 0 || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && (((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || ((pumpRunning == 0 && tmp == 0) && waterLevel == 1)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || !(0 <= \old(pumpRunning)))) && ((((!(1 == systemActive) || (((((pumpRunning == 0 && tmp == 1) && tmp___0 <= 0) && 0 < tmp___0 + 1) && waterLevel == 1) && !(tmp == 0))) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || ((((((((((pumpRunning == \old(pumpRunning) && pumpRunning <= 0) && 2 == waterLevel) && 1 == systemActive) && methaneLevelCritical == 1) && tmp___0 <= 0) && 0 < tmp___0 + 1) && \old(waterLevel) == waterLevel) && 0 <= pumpRunning) && !(tmp == 0)) && !(0 == systemActive)))) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2)) || ((((pumpRunning <= 0 && tmp == 1) && 0 <= pumpRunning) && waterLevel == 1) && !(0 == systemActive)))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || ((((((((((pumpRunning == \old(pumpRunning) && pumpRunning <= 0) && 2 == waterLevel) && 1 == systemActive) && methaneLevelCritical == 1) && tmp___0 <= 0) && 0 < tmp___0 + 1) && \old(waterLevel) == waterLevel) && 0 <= pumpRunning) && !(tmp == 0)) && !(0 == systemActive)))) && ((((!(\old(pumpRunning) <= 0) || !(methaneLevelCritical == 1)) || !(0 <= \old(pumpRunning))) || ((((pumpRunning <= 0 && tmp___0 <= 0) && 0 < tmp___0 + 1) && 0 <= pumpRunning) && !(tmp == 0))) || !(0 == systemActive))) && (((((!(\old(waterLevel) == 1) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || waterLevel == 1) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || ((tmp == 0 && \old(waterLevel) == waterLevel) && pumpRunning == 1)) || !(\old(waterLevel) == 2))) && ((((tmp == 0 || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2))) && (((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(\old(pumpRunning) <= 0)) || ((((((pumpRunning <= 0 && tmp___0 <= 0) && 0 < tmp___0 + 1) && 0 <= pumpRunning) && waterLevel == 1) && !(tmp == 0)) && !(0 == systemActive))) || !(methaneLevelCritical == 1)) || !(0 <= \old(pumpRunning)))) && (((((!(\old(waterLevel) == 1) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 1)) || waterLevel == 1) || !(0 <= \old(pumpRunning))) || !(0 == systemActive)) [2022-11-23 14:14:56,472 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!(1 == systemActive) || !(2 == waterLevel)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 1)) || !(0 <= \old(pumpRunning))) || ((aux-isMethaneLevelCritical()-aux == methaneLevelCritical && pumpRunning == 0) && tmp == 1)) && ((((!(waterLevel == 1) || !(1 == systemActive)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || !(0 <= \old(pumpRunning)))) && (((((!(1 == systemActive) || !(2 == waterLevel)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || !(0 <= \old(pumpRunning))) || ((aux-isMethaneLevelCritical()-aux == methaneLevelCritical && pumpRunning == 0) && tmp == 1))) && ((((!(waterLevel == 1) || !(1 == systemActive)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 1)) || !(0 <= \old(pumpRunning))) [2022-11-23 14:14:56,473 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((!(\old(pumpRunning) <= 0) || !(methaneLevelCritical == 1)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive)) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 2))) && ((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 1)) || !(0 <= \old(pumpRunning)))) && ((!(1 == systemActive) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2))) && (((!(\old(pumpRunning) <= 0) || !(methaneLevelCritical == 0)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && ((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || !(0 <= \old(pumpRunning)))) && (((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2)) [2022-11-23 14:14:56,506 INFO L141 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_0c60c6ea-e915-40bc-9fb0-5f26e59e7187/bin/utaipan-Q6hlc19bkW/witness.graphml [2022-11-23 14:14:56,506 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-11-23 14:14:56,507 INFO L158 Benchmark]: Toolchain (without parser) took 71906.10ms. Allocated memory was 167.8MB in the beginning and 708.8MB in the end (delta: 541.1MB). Free memory was 131.4MB in the beginning and 388.9MB in the end (delta: -257.6MB). Peak memory consumption was 286.6MB. Max. memory is 16.1GB. [2022-11-23 14:14:56,507 INFO L158 Benchmark]: CDTParser took 0.20ms. Allocated memory is still 121.6MB. Free memory was 86.1MB in the beginning and 86.0MB in the end (delta: 27.2kB). There was no memory consumed. Max. memory is 16.1GB. [2022-11-23 14:14:56,508 INFO L158 Benchmark]: CACSL2BoogieTranslator took 735.44ms. Allocated memory is still 167.8MB. Free memory was 131.4MB in the beginning and 112.5MB in the end (delta: 18.9MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. [2022-11-23 14:14:56,508 INFO L158 Benchmark]: Boogie Procedure Inliner took 83.43ms. Allocated memory is still 167.8MB. Free memory was 112.5MB in the beginning and 109.7MB in the end (delta: 2.8MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-23 14:14:56,509 INFO L158 Benchmark]: Boogie Preprocessor took 62.52ms. Allocated memory is still 167.8MB. Free memory was 109.7MB in the beginning and 108.3MB in the end (delta: 1.4MB). There was no memory consumed. Max. memory is 16.1GB. [2022-11-23 14:14:56,509 INFO L158 Benchmark]: RCFGBuilder took 738.80ms. Allocated memory is still 167.8MB. Free memory was 108.3MB in the beginning and 83.1MB in the end (delta: 25.2MB). Peak memory consumption was 25.2MB. Max. memory is 16.1GB. [2022-11-23 14:14:56,510 INFO L158 Benchmark]: TraceAbstraction took 70174.07ms. Allocated memory was 167.8MB in the beginning and 708.8MB in the end (delta: 541.1MB). Free memory was 82.4MB in the beginning and 395.2MB in the end (delta: -312.8MB). Peak memory consumption was 381.1MB. Max. memory is 16.1GB. [2022-11-23 14:14:56,510 INFO L158 Benchmark]: Witness Printer took 99.99ms. Allocated memory is still 708.8MB. Free memory was 395.2MB in the beginning and 388.9MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2022-11-23 14:14:56,512 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.20ms. Allocated memory is still 121.6MB. Free memory was 86.1MB in the beginning and 86.0MB in the end (delta: 27.2kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 735.44ms. Allocated memory is still 167.8MB. Free memory was 131.4MB in the beginning and 112.5MB in the end (delta: 18.9MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 83.43ms. Allocated memory is still 167.8MB. Free memory was 112.5MB in the beginning and 109.7MB in the end (delta: 2.8MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 62.52ms. Allocated memory is still 167.8MB. Free memory was 109.7MB in the beginning and 108.3MB in the end (delta: 1.4MB). There was no memory consumed. Max. memory is 16.1GB. * RCFGBuilder took 738.80ms. Allocated memory is still 167.8MB. Free memory was 108.3MB in the beginning and 83.1MB in the end (delta: 25.2MB). Peak memory consumption was 25.2MB. Max. memory is 16.1GB. * TraceAbstraction took 70174.07ms. Allocated memory was 167.8MB in the beginning and 708.8MB in the end (delta: 541.1MB). Free memory was 82.4MB in the beginning and 395.2MB in the end (delta: -312.8MB). Peak memory consumption was 381.1MB. Max. memory is 16.1GB. * Witness Printer took 99.99ms. Allocated memory is still 708.8MB. Free memory was 395.2MB in the beginning and 388.9MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 193]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 9 procedures, 65 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 70.0s, OverallIterations: 10, TraceHistogramMax: 6, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 7.4s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 9.6s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 2862 SdHoareTripleChecker+Valid, 3.7s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 2836 mSDsluCounter, 2499 SdHoareTripleChecker+Invalid, 3.0s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 1839 mSDsCounter, 1531 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 3657 IncrementalHoareTripleChecker+Invalid, 5188 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 1531 mSolverCounterUnsat, 660 mSDtfsCounter, 3657 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 856 GetRequests, 521 SyntacticMatches, 52 SemanticMatches, 283 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 11913 ImplicationChecksByTransitivity, 30.1s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=767occurred in iteration=9, InterpolantAutomatonStates: 131, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.5s AutomataMinimizationTime, 10 MinimizatonAttempts, 588 StatesRemovedByMinimization, 7 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 37 LocationsWithAnnotation, 1768 PreInvPairs, 1916 NumberOfFragments, 3613 HoareAnnotationTreeSize, 1768 FomulaSimplifications, 7614 FormulaSimplificationTreeSizeReduction, 0.8s HoareSimplificationTime, 37 FomulaSimplificationsInter, 47173 FormulaSimplificationTreeSizeReductionInter, 8.7s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.4s SatisfiabilityAnalysisTime, 6.7s InterpolantComputationTime, 659 NumberOfCodeBlocks, 659 NumberOfCodeBlocksAsserted, 13 NumberOfCheckSat, 869 ConstructedInterpolants, 0 QuantifiedInterpolants, 3578 SizeOfPredicates, 39 NumberOfNonLiveVariables, 977 ConjunctsInSsa, 104 ConjunctsInUnsatCore, 16 InterpolantComputations, 7 PerfectInterpolantSequences, 380/559 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 332]: Loop Invariant Derived loop invariant: ((((((((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (pumpRunning == 0 && waterLevel == 1)) || !(methaneLevelCritical == 1)) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || ((pumpRunning == 0 && tmp == 1) && waterLevel == 1)) || !(\old(waterLevel) == 2))) && (((!(\old(pumpRunning) <= 0) || !(methaneLevelCritical == 1)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && ((((!(1 == systemActive) || ((pumpRunning == 0 && tmp == 1) && waterLevel == 1)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || (((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && 2 == waterLevel) && 1 == systemActive) && methaneLevelCritical == 1) && \old(waterLevel) == waterLevel))) && (((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || (pumpRunning == 0 && waterLevel == 1)) || !(0 <= \old(pumpRunning)))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || (((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && 2 == waterLevel) && 1 == systemActive) && methaneLevelCritical == 1) && \old(waterLevel) == waterLevel))) && (((!(\old(pumpRunning) <= 0) || !(methaneLevelCritical == 0)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 2)) || (\old(waterLevel) == waterLevel && pumpRunning == 1)) - InvariantResult [Line: 210]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 211]: Loop Invariant Derived loop invariant: (((((((((pumpRunning == 0 && 2 == waterLevel) && 1 == systemActive) && methaneLevelCritical == 1) && splverifierCounter == 0) && !(0 == systemActive)) || (((((2 == waterLevel && methaneLevelCritical == 0) && 1 == systemActive) && splverifierCounter == 0) && !(0 == systemActive)) && pumpRunning == 1)) || (((((pumpRunning == 0 && methaneLevelCritical == 0) && 1 == systemActive) && splverifierCounter == 0) && waterLevel == 1) && !(0 == systemActive))) || (((pumpRunning == 0 && methaneLevelCritical == 0) && splverifierCounter == 0) && 0 == systemActive)) || (((((pumpRunning == 0 && 1 == systemActive) && methaneLevelCritical == 1) && splverifierCounter == 0) && waterLevel == 1) && !(0 == systemActive))) || (((pumpRunning == 0 && methaneLevelCritical == 1) && splverifierCounter == 0) && 0 == systemActive) - InvariantResult [Line: -1]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 489]: Loop Invariant Derived loop invariant: (((pumpRunning <= 0 && methaneLevelCritical == 1) && splverifierCounter == 0) && 0 <= pumpRunning) || (((pumpRunning <= 0 && methaneLevelCritical == 0) && splverifierCounter == 0) && 0 <= pumpRunning) - InvariantResult [Line: 171]: Loop Invariant Derived loop invariant: (((((((((((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || ((pumpRunning == 0 && tmp == 1) && waterLevel == 1)) || !(\old(waterLevel) == 2)) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && 2 == waterLevel) && 1 == systemActive) && methaneLevelCritical == 1) && \old(waterLevel) == waterLevel) && !(tmp == 0))) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2))) && (((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || ((pumpRunning == 0 && tmp == 0) && waterLevel == 1)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || !(0 <= \old(pumpRunning)))) && ((((!(\old(pumpRunning) <= 0) || (pumpRunning == 0 && tmp == 0)) || !(methaneLevelCritical == 0)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && ((((!(1 == systemActive) || ((((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && 2 == waterLevel) && 1 == systemActive) && methaneLevelCritical == 1) && \old(waterLevel) == waterLevel) && !(tmp == 0))) || !(methaneLevelCritical == 1)) || (((pumpRunning == 0 && tmp == 1) && waterLevel == 1) && !(tmp == 0))) || !(\old(waterLevel) == 2))) && ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || ((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && methaneLevelCritical == 1) && waterLevel == 1) && !(tmp == 0))) || !(methaneLevelCritical == 1))) && (((((!(\old(waterLevel) == 1) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || waterLevel == 1) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || ((tmp == 0 && \old(waterLevel) == waterLevel) && pumpRunning == 1)) || !(\old(waterLevel) == 2))) && (((((pumpRunning == 0 && !(tmp == 0)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 1)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && ((((tmp == 0 || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2))) && (((((!(\old(waterLevel) == 1) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 1)) || waterLevel == 1) || !(0 <= \old(pumpRunning))) || !(0 == systemActive)) - InvariantResult [Line: 163]: Loop Invariant Derived loop invariant: (((((((((((((((pumpRunning <= 0 && 0 <= pumpRunning) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive)) && ((((tmp == 0 || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && (((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || ((pumpRunning == 0 && tmp == 0) && waterLevel == 1)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || !(0 <= \old(pumpRunning)))) && ((((!(1 == systemActive) || (((((pumpRunning == 0 && tmp == 1) && tmp___0 <= 0) && 0 < tmp___0 + 1) && waterLevel == 1) && !(tmp == 0))) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || ((((((((((pumpRunning == \old(pumpRunning) && pumpRunning <= 0) && 2 == waterLevel) && 1 == systemActive) && methaneLevelCritical == 1) && tmp___0 <= 0) && 0 < tmp___0 + 1) && \old(waterLevel) == waterLevel) && 0 <= pumpRunning) && !(tmp == 0)) && !(0 == systemActive)))) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2)) || ((((pumpRunning <= 0 && tmp == 1) && 0 <= pumpRunning) && waterLevel == 1) && !(0 == systemActive)))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || ((((((((((pumpRunning == \old(pumpRunning) && pumpRunning <= 0) && 2 == waterLevel) && 1 == systemActive) && methaneLevelCritical == 1) && tmp___0 <= 0) && 0 < tmp___0 + 1) && \old(waterLevel) == waterLevel) && 0 <= pumpRunning) && !(tmp == 0)) && !(0 == systemActive)))) && ((((!(\old(pumpRunning) <= 0) || !(methaneLevelCritical == 1)) || !(0 <= \old(pumpRunning))) || ((((pumpRunning <= 0 && tmp___0 <= 0) && 0 < tmp___0 + 1) && 0 <= pumpRunning) && !(tmp == 0))) || !(0 == systemActive))) && (((((!(\old(waterLevel) == 1) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || waterLevel == 1) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || ((tmp == 0 && \old(waterLevel) == waterLevel) && pumpRunning == 1)) || !(\old(waterLevel) == 2))) && ((((tmp == 0 || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2))) && (((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(\old(pumpRunning) <= 0)) || ((((((pumpRunning <= 0 && tmp___0 <= 0) && 0 < tmp___0 + 1) && 0 <= pumpRunning) && waterLevel == 1) && !(tmp == 0)) && !(0 == systemActive))) || !(methaneLevelCritical == 1)) || !(0 <= \old(pumpRunning)))) && (((((!(\old(waterLevel) == 1) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 1)) || waterLevel == 1) || !(0 <= \old(pumpRunning))) || !(0 == systemActive)) - InvariantResult [Line: 193]: Loop Invariant Derived loop invariant: ((((((((!(\old(pumpRunning) <= 0) || !(methaneLevelCritical == 1)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive)) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 2))) && ((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 1)) || !(0 <= \old(pumpRunning)))) && ((!(1 == systemActive) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2))) && (((!(\old(pumpRunning) <= 0) || !(methaneLevelCritical == 0)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && ((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || !(0 <= \old(pumpRunning)))) && (((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2)) - InvariantResult [Line: 274]: Loop Invariant Derived loop invariant: (((((((((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2)) || (\old(waterLevel) == waterLevel && pumpRunning == 1)) && (((((pumpRunning <= 0 && 0 <= pumpRunning) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (pumpRunning == 0 && waterLevel == 1)) || !(methaneLevelCritical == 1))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((pumpRunning <= 0 && \old(waterLevel) == waterLevel) && 0 <= pumpRunning)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 2))) && (((((pumpRunning <= 0 && 0 <= pumpRunning) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 1)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && (((!(1 == systemActive) || (pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2))) && (((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || (pumpRunning == 0 && waterLevel == 1)) || !(0 <= \old(pumpRunning)))) && ((((((!(pumpRunning == 0) || !(\old(waterLevel) == 1)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || waterLevel == 1) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && ((((((!(pumpRunning == 0) || !(\old(waterLevel) == 1)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 1)) || waterLevel == 1) || !(0 <= \old(pumpRunning))) || !(0 == systemActive)) - InvariantResult [Line: 396]: Loop Invariant Derived loop invariant: (((((((!(1 == systemActive) || !(2 == waterLevel)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 1)) || !(0 <= \old(pumpRunning))) || ((aux-isMethaneLevelCritical()-aux == methaneLevelCritical && pumpRunning == 0) && tmp == 1)) && ((((!(waterLevel == 1) || !(1 == systemActive)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || !(0 <= \old(pumpRunning)))) && (((((!(1 == systemActive) || !(2 == waterLevel)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || !(0 <= \old(pumpRunning))) || ((aux-isMethaneLevelCritical()-aux == methaneLevelCritical && pumpRunning == 0) && tmp == 1))) && ((((!(waterLevel == 1) || !(1 == systemActive)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 1)) || !(0 <= \old(pumpRunning))) - InvariantResult [Line: 916]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 201]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 906]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 987]: Loop Invariant Derived loop invariant: (((pumpRunning == 0 && methaneLevelCritical == 0) && tmp == systemActive) && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 987]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 336]: Loop Invariant Derived loop invariant: (((((((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (pumpRunning == 0 && waterLevel == 1)) || !(methaneLevelCritical == 1)) && (((!(\old(pumpRunning) <= 0) || !(methaneLevelCritical == 1)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 2))) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2)) || (((pumpRunning == 0 && \old(waterLevel) == waterLevel) || (!(pumpRunning == 0) && \old(waterLevel) == waterLevel + 1)) && pumpRunning == 1))) && (((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || (pumpRunning == 0 && waterLevel == 1)) || !(0 <= \old(pumpRunning)))) && (((!(\old(pumpRunning) <= 0) || !(methaneLevelCritical == 0)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && (((!(1 == systemActive) || (pumpRunning == \old(pumpRunning) && ((pumpRunning == 0 && \old(waterLevel) == waterLevel) || (!(pumpRunning == 0) && \old(waterLevel) == waterLevel + 1)))) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) - InvariantResult [Line: 310]: Loop Invariant Derived loop invariant: (((((((!(waterLevel == 1) || pumpRunning == 0) || !(1 == systemActive)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 1)) || !(0 <= \old(pumpRunning))) && (((((!(waterLevel == 1) || pumpRunning == 0) || !(1 == systemActive)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || !(0 <= \old(pumpRunning)))) && (((((pumpRunning == 0 || !(1 == systemActive)) || !(2 == waterLevel)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || !(0 <= \old(pumpRunning)))) && (((((pumpRunning == 0 || !(1 == systemActive)) || !(2 == waterLevel)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 1)) || !(0 <= \old(pumpRunning))) RESULT: Ultimate proved your program to be correct! [2022-11-23 14:14:56,547 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_0c60c6ea-e915-40bc-9fb0-5f26e59e7187/bin/utaipan-Q6hlc19bkW/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE