./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec2_product56.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 4e7fbc69 Calling Ultimate with: /usr/lib/jvm/java-11-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_15d0059e-2216-408e-8851-8983524924d1/bin/utaipan-Q6hlc19bkW/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_15d0059e-2216-408e-8851-8983524924d1/bin/utaipan-Q6hlc19bkW/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_15d0059e-2216-408e-8851-8983524924d1/bin/utaipan-Q6hlc19bkW/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_15d0059e-2216-408e-8851-8983524924d1/bin/utaipan-Q6hlc19bkW/config/TaipanReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec2_product56.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_15d0059e-2216-408e-8851-8983524924d1/bin/utaipan-Q6hlc19bkW/config/svcomp-Reach-32bit-Taipan_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_15d0059e-2216-408e-8851-8983524924d1/bin/utaipan-Q6hlc19bkW --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Taipan --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash fa0eab3945757815cbe114f72b31b9c97b3f41e20a7d5f245c817ae82afdf9aa --- Real Ultimate output --- [0.001s][warning][os,container] Duplicate cpuset controllers detected. Picking /sys/fs/cgroup/cpuset, skipping /sys/fs/cgroup/cpuset. This is Ultimate 0.2.2-dev-4e7fbc6 [2022-11-23 13:43:35,755 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-11-23 13:43:35,757 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-11-23 13:43:35,778 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-11-23 13:43:35,778 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-11-23 13:43:35,779 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-11-23 13:43:35,781 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-11-23 13:43:35,783 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-11-23 13:43:35,784 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-11-23 13:43:35,785 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-11-23 13:43:35,786 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-11-23 13:43:35,787 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-11-23 13:43:35,788 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-11-23 13:43:35,789 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-11-23 13:43:35,790 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-11-23 13:43:35,791 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-11-23 13:43:35,792 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-11-23 13:43:35,793 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-11-23 13:43:35,795 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-11-23 13:43:35,797 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-11-23 13:43:35,798 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-11-23 13:43:35,799 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-11-23 13:43:35,801 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-11-23 13:43:35,802 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-11-23 13:43:35,806 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-11-23 13:43:35,806 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-11-23 13:43:35,807 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-11-23 13:43:35,808 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-11-23 13:43:35,808 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-11-23 13:43:35,809 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-11-23 13:43:35,810 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-11-23 13:43:35,810 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-11-23 13:43:35,811 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-11-23 13:43:35,812 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-11-23 13:43:35,813 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-11-23 13:43:35,814 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-11-23 13:43:35,815 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-11-23 13:43:35,815 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-11-23 13:43:35,815 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-11-23 13:43:35,816 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-11-23 13:43:35,817 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-11-23 13:43:35,818 INFO L101 SettingsManager]: Beginning loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_15d0059e-2216-408e-8851-8983524924d1/bin/utaipan-Q6hlc19bkW/config/svcomp-Reach-32bit-Taipan_Default.epf [2022-11-23 13:43:35,842 INFO L113 SettingsManager]: Loading preferences was successful [2022-11-23 13:43:35,842 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-11-23 13:43:35,843 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-11-23 13:43:35,843 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-11-23 13:43:35,844 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-11-23 13:43:35,844 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-11-23 13:43:35,844 INFO L138 SettingsManager]: * User list type=DISABLED [2022-11-23 13:43:35,844 INFO L136 SettingsManager]: Preferences of Abstract Interpretation differ from their defaults: [2022-11-23 13:43:35,845 INFO L138 SettingsManager]: * Explicit value domain=true [2022-11-23 13:43:35,845 INFO L138 SettingsManager]: * Abstract domain for RCFG-of-the-future=PoormanAbstractDomain [2022-11-23 13:43:35,845 INFO L138 SettingsManager]: * Octagon Domain=false [2022-11-23 13:43:35,845 INFO L138 SettingsManager]: * Abstract domain=CompoundDomain [2022-11-23 13:43:35,846 INFO L138 SettingsManager]: * Check feasibility of abstract posts with an SMT solver=true [2022-11-23 13:43:35,846 INFO L138 SettingsManager]: * Use the RCFG-of-the-future interface=true [2022-11-23 13:43:35,846 INFO L138 SettingsManager]: * Interval Domain=false [2022-11-23 13:43:35,846 INFO L136 SettingsManager]: Preferences of Sifa differ from their defaults: [2022-11-23 13:43:35,847 INFO L138 SettingsManager]: * Call Summarizer=TopInputCallSummarizer [2022-11-23 13:43:35,847 INFO L138 SettingsManager]: * Simplification Technique=POLY_PAC [2022-11-23 13:43:35,848 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-11-23 13:43:35,848 INFO L138 SettingsManager]: * sizeof long=4 [2022-11-23 13:43:35,848 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-11-23 13:43:35,848 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-11-23 13:43:35,849 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-11-23 13:43:35,849 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-11-23 13:43:35,849 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-11-23 13:43:35,849 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-11-23 13:43:35,849 INFO L138 SettingsManager]: * sizeof long double=12 [2022-11-23 13:43:35,850 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-11-23 13:43:35,850 INFO L138 SettingsManager]: * Use constant arrays=true [2022-11-23 13:43:35,850 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-11-23 13:43:35,850 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-11-23 13:43:35,851 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-11-23 13:43:35,851 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-23 13:43:35,851 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-11-23 13:43:35,851 INFO L138 SettingsManager]: * Abstract interpretation Mode=USE_PREDICATES [2022-11-23 13:43:35,852 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-11-23 13:43:35,852 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-11-23 13:43:35,852 INFO L138 SettingsManager]: * Trace refinement strategy=SIFA_TAIPAN [2022-11-23 13:43:35,852 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-11-23 13:43:35,852 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-11-23 13:43:35,853 INFO L138 SettingsManager]: * Trace refinement exception blacklist=NONE [2022-11-23 13:43:35,853 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_15d0059e-2216-408e-8851-8983524924d1/bin/utaipan-Q6hlc19bkW/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_15d0059e-2216-408e-8851-8983524924d1/bin/utaipan-Q6hlc19bkW Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Taipan Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> fa0eab3945757815cbe114f72b31b9c97b3f41e20a7d5f245c817ae82afdf9aa [2022-11-23 13:43:36,076 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-11-23 13:43:36,100 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-11-23 13:43:36,102 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-11-23 13:43:36,103 INFO L271 PluginConnector]: Initializing CDTParser... [2022-11-23 13:43:36,104 INFO L275 PluginConnector]: CDTParser initialized [2022-11-23 13:43:36,117 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_15d0059e-2216-408e-8851-8983524924d1/bin/utaipan-Q6hlc19bkW/../../sv-benchmarks/c/product-lines/minepump_spec2_product56.cil.c [2022-11-23 13:43:39,146 INFO L500 CDTParser]: Created temporary CDT project at NULL [2022-11-23 13:43:39,423 INFO L351 CDTParser]: Found 1 translation units. [2022-11-23 13:43:39,426 INFO L172 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_15d0059e-2216-408e-8851-8983524924d1/sv-benchmarks/c/product-lines/minepump_spec2_product56.cil.c [2022-11-23 13:43:39,443 INFO L394 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_15d0059e-2216-408e-8851-8983524924d1/bin/utaipan-Q6hlc19bkW/data/2ed7e7677/ac8f793931b14443affe24ab3fc59d5d/FLAGb6f90f08f [2022-11-23 13:43:39,456 INFO L402 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_15d0059e-2216-408e-8851-8983524924d1/bin/utaipan-Q6hlc19bkW/data/2ed7e7677/ac8f793931b14443affe24ab3fc59d5d [2022-11-23 13:43:39,459 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-11-23 13:43:39,460 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-11-23 13:43:39,461 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-11-23 13:43:39,461 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-11-23 13:43:39,465 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-11-23 13:43:39,466 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 23.11 01:43:39" (1/1) ... [2022-11-23 13:43:39,467 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@6252f94f and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 01:43:39, skipping insertion in model container [2022-11-23 13:43:39,467 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 23.11 01:43:39" (1/1) ... [2022-11-23 13:43:39,477 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-11-23 13:43:39,539 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-11-23 13:43:39,756 WARN L237 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_15d0059e-2216-408e-8851-8983524924d1/sv-benchmarks/c/product-lines/minepump_spec2_product56.cil.c[11292,11305] [2022-11-23 13:43:39,821 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-23 13:43:39,832 INFO L203 MainTranslator]: Completed pre-run [2022-11-23 13:43:39,880 WARN L237 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_15d0059e-2216-408e-8851-8983524924d1/sv-benchmarks/c/product-lines/minepump_spec2_product56.cil.c[11292,11305] [2022-11-23 13:43:39,901 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-23 13:43:39,918 INFO L208 MainTranslator]: Completed translation [2022-11-23 13:43:39,919 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 01:43:39 WrapperNode [2022-11-23 13:43:39,919 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-11-23 13:43:39,920 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-11-23 13:43:39,920 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-11-23 13:43:39,921 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-11-23 13:43:39,931 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 01:43:39" (1/1) ... [2022-11-23 13:43:39,955 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 01:43:39" (1/1) ... [2022-11-23 13:43:39,990 INFO L138 Inliner]: procedures = 59, calls = 106, calls flagged for inlining = 25, calls inlined = 22, statements flattened = 229 [2022-11-23 13:43:39,990 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-11-23 13:43:39,991 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-11-23 13:43:39,991 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-11-23 13:43:39,991 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-11-23 13:43:40,000 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 01:43:39" (1/1) ... [2022-11-23 13:43:40,000 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 01:43:39" (1/1) ... [2022-11-23 13:43:40,002 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 01:43:39" (1/1) ... [2022-11-23 13:43:40,003 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 01:43:39" (1/1) ... [2022-11-23 13:43:40,008 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 01:43:39" (1/1) ... [2022-11-23 13:43:40,012 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 01:43:39" (1/1) ... [2022-11-23 13:43:40,013 INFO L185 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 01:43:39" (1/1) ... [2022-11-23 13:43:40,014 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 01:43:39" (1/1) ... [2022-11-23 13:43:40,017 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-11-23 13:43:40,018 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-11-23 13:43:40,018 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-11-23 13:43:40,018 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-11-23 13:43:40,019 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 01:43:39" (1/1) ... [2022-11-23 13:43:40,037 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-23 13:43:40,050 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_15d0059e-2216-408e-8851-8983524924d1/bin/utaipan-Q6hlc19bkW/z3 [2022-11-23 13:43:40,088 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_15d0059e-2216-408e-8851-8983524924d1/bin/utaipan-Q6hlc19bkW/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-11-23 13:43:40,122 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_15d0059e-2216-408e-8851-8983524924d1/bin/utaipan-Q6hlc19bkW/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-11-23 13:43:40,158 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-11-23 13:43:40,158 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-11-23 13:43:40,158 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-11-23 13:43:40,158 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-11-23 13:43:40,158 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-11-23 13:43:40,158 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-11-23 13:43:40,159 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-11-23 13:43:40,159 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2022-11-23 13:43:40,159 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2022-11-23 13:43:40,159 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2022-11-23 13:43:40,159 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2022-11-23 13:43:40,159 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-11-23 13:43:40,159 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-11-23 13:43:40,160 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__lowWaterSensor [2022-11-23 13:43:40,160 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__lowWaterSensor [2022-11-23 13:43:40,160 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2022-11-23 13:43:40,160 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2022-11-23 13:43:40,160 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-11-23 13:43:40,162 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-11-23 13:43:40,163 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-11-23 13:43:40,163 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-11-23 13:43:40,163 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-11-23 13:43:40,248 INFO L235 CfgBuilder]: Building ICFG [2022-11-23 13:43:40,250 INFO L261 CfgBuilder]: Building CFG for each procedure with an implementation [2022-11-23 13:43:40,604 INFO L276 CfgBuilder]: Performing block encoding [2022-11-23 13:43:40,752 INFO L295 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-11-23 13:43:40,759 INFO L300 CfgBuilder]: Removed 2 assume(true) statements. [2022-11-23 13:43:40,762 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 23.11 01:43:40 BoogieIcfgContainer [2022-11-23 13:43:40,762 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-11-23 13:43:40,764 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-11-23 13:43:40,766 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-11-23 13:43:40,769 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-11-23 13:43:40,771 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 23.11 01:43:39" (1/3) ... [2022-11-23 13:43:40,772 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@48b42db3 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 23.11 01:43:40, skipping insertion in model container [2022-11-23 13:43:40,773 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 01:43:39" (2/3) ... [2022-11-23 13:43:40,773 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@48b42db3 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 23.11 01:43:40, skipping insertion in model container [2022-11-23 13:43:40,774 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 23.11 01:43:40" (3/3) ... [2022-11-23 13:43:40,776 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec2_product56.cil.c [2022-11-23 13:43:40,798 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-11-23 13:43:40,798 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-11-23 13:43:40,881 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-11-23 13:43:40,890 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@3ce05666, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2022-11-23 13:43:40,891 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-11-23 13:43:40,895 INFO L276 IsEmpty]: Start isEmpty. Operand has 74 states, 46 states have (on average 1.4565217391304348) internal successors, (67), 57 states have internal predecessors, (67), 17 states have call successors, (17), 9 states have call predecessors, (17), 9 states have return successors, (17), 12 states have call predecessors, (17), 17 states have call successors, (17) [2022-11-23 13:43:40,907 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 18 [2022-11-23 13:43:40,908 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 13:43:40,909 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 13:43:40,910 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 13:43:40,917 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 13:43:40,918 INFO L85 PathProgramCache]: Analyzing trace with hash -57516836, now seen corresponding path program 1 times [2022-11-23 13:43:40,936 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 13:43:40,937 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1011832941] [2022-11-23 13:43:40,937 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 13:43:40,938 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 13:43:41,079 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 13:43:41,168 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-23 13:43:41,168 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 13:43:41,168 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1011832941] [2022-11-23 13:43:41,169 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1011832941] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-23 13:43:41,169 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-23 13:43:41,169 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-11-23 13:43:41,171 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1701501442] [2022-11-23 13:43:41,172 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-23 13:43:41,176 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-11-23 13:43:41,177 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 13:43:41,219 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-11-23 13:43:41,220 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-23 13:43:41,222 INFO L87 Difference]: Start difference. First operand has 74 states, 46 states have (on average 1.4565217391304348) internal successors, (67), 57 states have internal predecessors, (67), 17 states have call successors, (17), 9 states have call predecessors, (17), 9 states have return successors, (17), 12 states have call predecessors, (17), 17 states have call successors, (17) Second operand has 2 states, 2 states have (on average 6.5) internal successors, (13), 2 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-23 13:43:41,322 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 13:43:41,323 INFO L93 Difference]: Finished difference Result 146 states and 203 transitions. [2022-11-23 13:43:41,330 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-11-23 13:43:41,331 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 6.5) internal successors, (13), 2 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 17 [2022-11-23 13:43:41,331 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 13:43:41,341 INFO L225 Difference]: With dead ends: 146 [2022-11-23 13:43:41,341 INFO L226 Difference]: Without dead ends: 69 [2022-11-23 13:43:41,346 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-23 13:43:41,352 INFO L413 NwaCegarLoop]: 79 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 19 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 79 SdHoareTripleChecker+Invalid, 20 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 19 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-23 13:43:41,354 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 79 Invalid, 20 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 19 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-23 13:43:41,370 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 69 states. [2022-11-23 13:43:41,410 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 69 to 69. [2022-11-23 13:43:41,412 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 69 states, 43 states have (on average 1.372093023255814) internal successors, (59), 53 states have internal predecessors, (59), 17 states have call successors, (17), 9 states have call predecessors, (17), 8 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) [2022-11-23 13:43:41,419 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 69 states to 69 states and 92 transitions. [2022-11-23 13:43:41,421 INFO L78 Accepts]: Start accepts. Automaton has 69 states and 92 transitions. Word has length 17 [2022-11-23 13:43:41,421 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 13:43:41,421 INFO L495 AbstractCegarLoop]: Abstraction has 69 states and 92 transitions. [2022-11-23 13:43:41,422 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 6.5) internal successors, (13), 2 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-23 13:43:41,422 INFO L276 IsEmpty]: Start isEmpty. Operand 69 states and 92 transitions. [2022-11-23 13:43:41,424 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 19 [2022-11-23 13:43:41,424 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 13:43:41,425 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 13:43:41,425 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-11-23 13:43:41,425 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 13:43:41,426 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 13:43:41,426 INFO L85 PathProgramCache]: Analyzing trace with hash -576613657, now seen corresponding path program 1 times [2022-11-23 13:43:41,426 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 13:43:41,426 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1076843589] [2022-11-23 13:43:41,426 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 13:43:41,427 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 13:43:41,467 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 13:43:41,549 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-23 13:43:41,550 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 13:43:41,550 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1076843589] [2022-11-23 13:43:41,550 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1076843589] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-23 13:43:41,551 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-23 13:43:41,551 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-23 13:43:41,551 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [256151373] [2022-11-23 13:43:41,551 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-23 13:43:41,553 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-23 13:43:41,553 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 13:43:41,553 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-23 13:43:41,554 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-23 13:43:41,554 INFO L87 Difference]: Start difference. First operand 69 states and 92 transitions. Second operand has 3 states, 3 states have (on average 4.666666666666667) internal successors, (14), 3 states have internal predecessors, (14), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-23 13:43:41,602 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 13:43:41,602 INFO L93 Difference]: Finished difference Result 110 states and 146 transitions. [2022-11-23 13:43:41,602 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-23 13:43:41,603 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 4.666666666666667) internal successors, (14), 3 states have internal predecessors, (14), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 18 [2022-11-23 13:43:41,603 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 13:43:41,605 INFO L225 Difference]: With dead ends: 110 [2022-11-23 13:43:41,605 INFO L226 Difference]: Without dead ends: 61 [2022-11-23 13:43:41,606 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-23 13:43:41,607 INFO L413 NwaCegarLoop]: 65 mSDtfsCounter, 14 mSDsluCounter, 49 mSDsCounter, 0 mSdLazyCounter, 28 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 18 SdHoareTripleChecker+Valid, 114 SdHoareTripleChecker+Invalid, 28 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 28 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-23 13:43:41,608 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [18 Valid, 114 Invalid, 28 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 28 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-23 13:43:41,608 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 61 states. [2022-11-23 13:43:41,615 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 61 to 61. [2022-11-23 13:43:41,616 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 61 states, 38 states have (on average 1.394736842105263) internal successors, (53), 48 states have internal predecessors, (53), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 9 states have call predecessors, (14), 14 states have call successors, (14) [2022-11-23 13:43:41,617 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 61 states to 61 states and 81 transitions. [2022-11-23 13:43:41,617 INFO L78 Accepts]: Start accepts. Automaton has 61 states and 81 transitions. Word has length 18 [2022-11-23 13:43:41,617 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 13:43:41,618 INFO L495 AbstractCegarLoop]: Abstraction has 61 states and 81 transitions. [2022-11-23 13:43:41,618 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 4.666666666666667) internal successors, (14), 3 states have internal predecessors, (14), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-23 13:43:41,620 INFO L276 IsEmpty]: Start isEmpty. Operand 61 states and 81 transitions. [2022-11-23 13:43:41,628 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 22 [2022-11-23 13:43:41,628 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 13:43:41,628 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 13:43:41,628 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-11-23 13:43:41,629 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 13:43:41,634 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 13:43:41,634 INFO L85 PathProgramCache]: Analyzing trace with hash -912722090, now seen corresponding path program 1 times [2022-11-23 13:43:41,634 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 13:43:41,634 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [478108184] [2022-11-23 13:43:41,635 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 13:43:41,635 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 13:43:41,660 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 13:43:41,745 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-23 13:43:41,751 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 13:43:41,751 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [478108184] [2022-11-23 13:43:41,752 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [478108184] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-23 13:43:41,752 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-23 13:43:41,752 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-23 13:43:41,752 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1184826502] [2022-11-23 13:43:41,753 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-23 13:43:41,753 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-23 13:43:41,753 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 13:43:41,754 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-23 13:43:41,754 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-23 13:43:41,755 INFO L87 Difference]: Start difference. First operand 61 states and 81 transitions. Second operand has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-23 13:43:41,875 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 13:43:41,877 INFO L93 Difference]: Finished difference Result 179 states and 240 transitions. [2022-11-23 13:43:41,877 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-23 13:43:41,878 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 21 [2022-11-23 13:43:41,878 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 13:43:41,880 INFO L225 Difference]: With dead ends: 179 [2022-11-23 13:43:41,882 INFO L226 Difference]: Without dead ends: 120 [2022-11-23 13:43:41,883 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-23 13:43:41,884 INFO L413 NwaCegarLoop]: 87 mSDtfsCounter, 75 mSDsluCounter, 63 mSDsCounter, 0 mSdLazyCounter, 34 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 75 SdHoareTripleChecker+Valid, 150 SdHoareTripleChecker+Invalid, 35 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 34 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-23 13:43:41,887 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [75 Valid, 150 Invalid, 35 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 34 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-23 13:43:41,888 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 120 states. [2022-11-23 13:43:41,916 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 120 to 117. [2022-11-23 13:43:41,921 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 117 states, 72 states have (on average 1.4027777777777777) internal successors, (101), 91 states have internal predecessors, (101), 28 states have call successors, (28), 16 states have call predecessors, (28), 16 states have return successors, (28), 17 states have call predecessors, (28), 28 states have call successors, (28) [2022-11-23 13:43:41,940 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 117 states to 117 states and 157 transitions. [2022-11-23 13:43:41,940 INFO L78 Accepts]: Start accepts. Automaton has 117 states and 157 transitions. Word has length 21 [2022-11-23 13:43:41,941 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 13:43:41,941 INFO L495 AbstractCegarLoop]: Abstraction has 117 states and 157 transitions. [2022-11-23 13:43:41,941 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-23 13:43:41,941 INFO L276 IsEmpty]: Start isEmpty. Operand 117 states and 157 transitions. [2022-11-23 13:43:41,942 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2022-11-23 13:43:41,942 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 13:43:41,942 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 13:43:41,943 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-11-23 13:43:41,943 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 13:43:41,943 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 13:43:41,943 INFO L85 PathProgramCache]: Analyzing trace with hash 1387403360, now seen corresponding path program 1 times [2022-11-23 13:43:41,944 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 13:43:41,944 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1430879626] [2022-11-23 13:43:41,944 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 13:43:41,944 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 13:43:41,976 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 13:43:42,137 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-23 13:43:42,137 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 13:43:42,138 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1430879626] [2022-11-23 13:43:42,138 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1430879626] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-23 13:43:42,138 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-23 13:43:42,138 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-11-23 13:43:42,138 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1944120303] [2022-11-23 13:43:42,139 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-23 13:43:42,139 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-11-23 13:43:42,139 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 13:43:42,140 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-11-23 13:43:42,140 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-11-23 13:43:42,140 INFO L87 Difference]: Start difference. First operand 117 states and 157 transitions. Second operand has 6 states, 5 states have (on average 4.2) internal successors, (21), 4 states have internal predecessors, (21), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-23 13:43:42,339 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 13:43:42,339 INFO L93 Difference]: Finished difference Result 343 states and 464 transitions. [2022-11-23 13:43:42,340 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-11-23 13:43:42,340 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 4.2) internal successors, (21), 4 states have internal predecessors, (21), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 24 [2022-11-23 13:43:42,340 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 13:43:42,351 INFO L225 Difference]: With dead ends: 343 [2022-11-23 13:43:42,352 INFO L226 Difference]: Without dead ends: 228 [2022-11-23 13:43:42,355 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2022-11-23 13:43:42,360 INFO L413 NwaCegarLoop]: 77 mSDtfsCounter, 57 mSDsluCounter, 262 mSDsCounter, 0 mSdLazyCounter, 118 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 60 SdHoareTripleChecker+Valid, 339 SdHoareTripleChecker+Invalid, 119 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 118 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-23 13:43:42,364 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [60 Valid, 339 Invalid, 119 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 118 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-23 13:43:42,366 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 228 states. [2022-11-23 13:43:42,413 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 228 to 220. [2022-11-23 13:43:42,420 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 220 states, 135 states have (on average 1.385185185185185) internal successors, (187), 170 states have internal predecessors, (187), 54 states have call successors, (54), 30 states have call predecessors, (54), 30 states have return successors, (54), 32 states have call predecessors, (54), 54 states have call successors, (54) [2022-11-23 13:43:42,427 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 220 states to 220 states and 295 transitions. [2022-11-23 13:43:42,428 INFO L78 Accepts]: Start accepts. Automaton has 220 states and 295 transitions. Word has length 24 [2022-11-23 13:43:42,428 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 13:43:42,428 INFO L495 AbstractCegarLoop]: Abstraction has 220 states and 295 transitions. [2022-11-23 13:43:42,429 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 4.2) internal successors, (21), 4 states have internal predecessors, (21), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-23 13:43:42,429 INFO L276 IsEmpty]: Start isEmpty. Operand 220 states and 295 transitions. [2022-11-23 13:43:42,433 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 28 [2022-11-23 13:43:42,433 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 13:43:42,433 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 13:43:42,434 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-11-23 13:43:42,434 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 13:43:42,435 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 13:43:42,435 INFO L85 PathProgramCache]: Analyzing trace with hash -1827686863, now seen corresponding path program 1 times [2022-11-23 13:43:42,435 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 13:43:42,436 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [96612471] [2022-11-23 13:43:42,436 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 13:43:42,436 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 13:43:42,459 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 13:43:42,531 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-23 13:43:42,532 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 13:43:42,532 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [96612471] [2022-11-23 13:43:42,532 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [96612471] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-23 13:43:42,532 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-23 13:43:42,533 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-11-23 13:43:42,533 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1708871894] [2022-11-23 13:43:42,533 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-23 13:43:42,534 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-11-23 13:43:42,534 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 13:43:42,534 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-11-23 13:43:42,534 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-23 13:43:42,535 INFO L87 Difference]: Start difference. First operand 220 states and 295 transitions. Second operand has 4 states, 4 states have (on average 5.5) internal successors, (22), 4 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-23 13:43:42,646 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 13:43:42,646 INFO L93 Difference]: Finished difference Result 594 states and 818 transitions. [2022-11-23 13:43:42,646 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-11-23 13:43:42,647 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 5.5) internal successors, (22), 4 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 27 [2022-11-23 13:43:42,647 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 13:43:42,649 INFO L225 Difference]: With dead ends: 594 [2022-11-23 13:43:42,649 INFO L226 Difference]: Without dead ends: 376 [2022-11-23 13:43:42,651 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-11-23 13:43:42,651 INFO L413 NwaCegarLoop]: 75 mSDtfsCounter, 42 mSDsluCounter, 127 mSDsCounter, 0 mSdLazyCounter, 57 mSolverCounterSat, 10 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 42 SdHoareTripleChecker+Valid, 202 SdHoareTripleChecker+Invalid, 67 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 10 IncrementalHoareTripleChecker+Valid, 57 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-23 13:43:42,652 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [42 Valid, 202 Invalid, 67 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [10 Valid, 57 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-23 13:43:42,653 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 376 states. [2022-11-23 13:43:42,701 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 376 to 366. [2022-11-23 13:43:42,703 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 366 states, 241 states have (on average 1.2987551867219918) internal successors, (313), 270 states have internal predecessors, (313), 68 states have call successors, (68), 56 states have call predecessors, (68), 56 states have return successors, (92), 58 states have call predecessors, (92), 68 states have call successors, (92) [2022-11-23 13:43:42,705 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 366 states to 366 states and 473 transitions. [2022-11-23 13:43:42,706 INFO L78 Accepts]: Start accepts. Automaton has 366 states and 473 transitions. Word has length 27 [2022-11-23 13:43:42,706 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 13:43:42,706 INFO L495 AbstractCegarLoop]: Abstraction has 366 states and 473 transitions. [2022-11-23 13:43:42,707 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 5.5) internal successors, (22), 4 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-23 13:43:42,707 INFO L276 IsEmpty]: Start isEmpty. Operand 366 states and 473 transitions. [2022-11-23 13:43:42,708 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 38 [2022-11-23 13:43:42,708 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 13:43:42,708 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 13:43:42,708 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-11-23 13:43:42,709 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 13:43:42,709 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 13:43:42,709 INFO L85 PathProgramCache]: Analyzing trace with hash 1298358028, now seen corresponding path program 1 times [2022-11-23 13:43:42,710 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 13:43:42,710 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [294155872] [2022-11-23 13:43:42,710 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 13:43:42,710 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 13:43:42,740 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 13:43:43,148 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-23 13:43:43,148 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 13:43:43,148 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [294155872] [2022-11-23 13:43:43,149 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [294155872] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-23 13:43:43,149 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-23 13:43:43,149 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-11-23 13:43:43,149 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [205231063] [2022-11-23 13:43:43,149 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-23 13:43:43,150 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-11-23 13:43:43,151 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 13:43:43,151 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-11-23 13:43:43,152 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=19, Unknown=0, NotChecked=0, Total=30 [2022-11-23 13:43:43,152 INFO L87 Difference]: Start difference. First operand 366 states and 473 transitions. Second operand has 6 states, 6 states have (on average 4.666666666666667) internal successors, (28), 6 states have internal predecessors, (28), 4 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) [2022-11-23 13:43:43,363 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 13:43:43,363 INFO L93 Difference]: Finished difference Result 1060 states and 1371 transitions. [2022-11-23 13:43:43,363 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-11-23 13:43:43,364 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.666666666666667) internal successors, (28), 6 states have internal predecessors, (28), 4 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) Word has length 37 [2022-11-23 13:43:43,364 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 13:43:43,368 INFO L225 Difference]: With dead ends: 1060 [2022-11-23 13:43:43,368 INFO L226 Difference]: Without dead ends: 696 [2022-11-23 13:43:43,369 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=16, Invalid=26, Unknown=0, NotChecked=0, Total=42 [2022-11-23 13:43:43,375 INFO L413 NwaCegarLoop]: 98 mSDtfsCounter, 148 mSDsluCounter, 120 mSDsCounter, 0 mSdLazyCounter, 105 mSolverCounterSat, 36 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 149 SdHoareTripleChecker+Valid, 218 SdHoareTripleChecker+Invalid, 141 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 36 IncrementalHoareTripleChecker+Valid, 105 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-23 13:43:43,379 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [149 Valid, 218 Invalid, 141 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [36 Valid, 105 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-23 13:43:43,381 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 696 states. [2022-11-23 13:43:43,447 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 696 to 620. [2022-11-23 13:43:43,449 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 620 states, 423 states have (on average 1.2742316784869976) internal successors, (539), 454 states have internal predecessors, (539), 98 states have call successors, (98), 86 states have call predecessors, (98), 98 states have return successors, (134), 98 states have call predecessors, (134), 98 states have call successors, (134) [2022-11-23 13:43:43,455 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 620 states to 620 states and 771 transitions. [2022-11-23 13:43:43,455 INFO L78 Accepts]: Start accepts. Automaton has 620 states and 771 transitions. Word has length 37 [2022-11-23 13:43:43,456 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 13:43:43,456 INFO L495 AbstractCegarLoop]: Abstraction has 620 states and 771 transitions. [2022-11-23 13:43:43,456 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 4.666666666666667) internal successors, (28), 6 states have internal predecessors, (28), 4 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) [2022-11-23 13:43:43,456 INFO L276 IsEmpty]: Start isEmpty. Operand 620 states and 771 transitions. [2022-11-23 13:43:43,458 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 41 [2022-11-23 13:43:43,458 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 13:43:43,458 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 13:43:43,458 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-11-23 13:43:43,458 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 13:43:43,459 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 13:43:43,459 INFO L85 PathProgramCache]: Analyzing trace with hash -1903709135, now seen corresponding path program 1 times [2022-11-23 13:43:43,459 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 13:43:43,459 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [446852796] [2022-11-23 13:43:43,459 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 13:43:43,460 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 13:43:43,475 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 13:43:43,537 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-23 13:43:43,538 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 13:43:43,538 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [446852796] [2022-11-23 13:43:43,538 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [446852796] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-23 13:43:43,538 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-23 13:43:43,538 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-23 13:43:43,539 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [174834408] [2022-11-23 13:43:43,539 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-23 13:43:43,539 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-23 13:43:43,539 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 13:43:43,540 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-23 13:43:43,540 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-23 13:43:43,540 INFO L87 Difference]: Start difference. First operand 620 states and 771 transitions. Second operand has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 3 states have internal predecessors, (29), 2 states have call successors, (6), 2 states have call predecessors, (6), 1 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2022-11-23 13:43:43,651 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 13:43:43,651 INFO L93 Difference]: Finished difference Result 831 states and 1057 transitions. [2022-11-23 13:43:43,652 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-23 13:43:43,652 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 3 states have internal predecessors, (29), 2 states have call successors, (6), 2 states have call predecessors, (6), 1 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) Word has length 40 [2022-11-23 13:43:43,652 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 13:43:43,656 INFO L225 Difference]: With dead ends: 831 [2022-11-23 13:43:43,656 INFO L226 Difference]: Without dead ends: 829 [2022-11-23 13:43:43,657 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-23 13:43:43,657 INFO L413 NwaCegarLoop]: 78 mSDtfsCounter, 55 mSDsluCounter, 62 mSDsCounter, 0 mSdLazyCounter, 33 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 55 SdHoareTripleChecker+Valid, 140 SdHoareTripleChecker+Invalid, 38 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 33 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-23 13:43:43,658 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [55 Valid, 140 Invalid, 38 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 33 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-23 13:43:43,659 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 829 states. [2022-11-23 13:43:43,730 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 829 to 813. [2022-11-23 13:43:43,731 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 813 states, 549 states have (on average 1.2859744990892532) internal successors, (706), 595 states have internal predecessors, (706), 132 states have call successors, (132), 114 states have call predecessors, (132), 131 states have return successors, (196), 129 states have call predecessors, (196), 132 states have call successors, (196) [2022-11-23 13:43:43,735 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 813 states to 813 states and 1034 transitions. [2022-11-23 13:43:43,736 INFO L78 Accepts]: Start accepts. Automaton has 813 states and 1034 transitions. Word has length 40 [2022-11-23 13:43:43,736 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 13:43:43,736 INFO L495 AbstractCegarLoop]: Abstraction has 813 states and 1034 transitions. [2022-11-23 13:43:43,736 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 3 states have internal predecessors, (29), 2 states have call successors, (6), 2 states have call predecessors, (6), 1 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2022-11-23 13:43:43,737 INFO L276 IsEmpty]: Start isEmpty. Operand 813 states and 1034 transitions. [2022-11-23 13:43:43,740 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 65 [2022-11-23 13:43:43,740 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 13:43:43,740 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 13:43:43,740 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2022-11-23 13:43:43,741 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 13:43:43,741 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 13:43:43,741 INFO L85 PathProgramCache]: Analyzing trace with hash 609008927, now seen corresponding path program 1 times [2022-11-23 13:43:43,741 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 13:43:43,741 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [857170145] [2022-11-23 13:43:43,741 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 13:43:43,742 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 13:43:43,754 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 13:43:43,785 INFO L134 CoverageAnalysis]: Checked inductivity of 19 backedges. 17 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-23 13:43:43,786 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 13:43:43,786 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [857170145] [2022-11-23 13:43:43,786 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [857170145] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-23 13:43:43,786 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-23 13:43:43,786 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-11-23 13:43:43,786 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1065339325] [2022-11-23 13:43:43,787 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-23 13:43:43,787 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-11-23 13:43:43,787 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 13:43:43,787 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-11-23 13:43:43,788 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-23 13:43:43,788 INFO L87 Difference]: Start difference. First operand 813 states and 1034 transitions. Second operand has 4 states, 3 states have (on average 16.0) internal successors, (48), 4 states have internal predecessors, (48), 4 states have call successors, (8), 2 states have call predecessors, (8), 2 states have return successors, (7), 3 states have call predecessors, (7), 4 states have call successors, (7) [2022-11-23 13:43:43,945 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 13:43:43,946 INFO L93 Difference]: Finished difference Result 1329 states and 1690 transitions. [2022-11-23 13:43:43,946 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-11-23 13:43:43,946 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 3 states have (on average 16.0) internal successors, (48), 4 states have internal predecessors, (48), 4 states have call successors, (8), 2 states have call predecessors, (8), 2 states have return successors, (7), 3 states have call predecessors, (7), 4 states have call successors, (7) Word has length 64 [2022-11-23 13:43:43,946 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 13:43:43,949 INFO L225 Difference]: With dead ends: 1329 [2022-11-23 13:43:43,949 INFO L226 Difference]: Without dead ends: 518 [2022-11-23 13:43:43,951 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-23 13:43:43,952 INFO L413 NwaCegarLoop]: 86 mSDtfsCounter, 97 mSDsluCounter, 50 mSDsCounter, 0 mSdLazyCounter, 90 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 97 SdHoareTripleChecker+Valid, 136 SdHoareTripleChecker+Invalid, 94 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 90 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-23 13:43:43,952 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [97 Valid, 136 Invalid, 94 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 90 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-23 13:43:43,953 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 518 states. [2022-11-23 13:43:44,004 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 518 to 502. [2022-11-23 13:43:44,005 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 502 states, 345 states have (on average 1.2695652173913043) internal successors, (438), 373 states have internal predecessors, (438), 78 states have call successors, (78), 69 states have call predecessors, (78), 78 states have return successors, (109), 77 states have call predecessors, (109), 78 states have call successors, (109) [2022-11-23 13:43:44,028 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 502 states to 502 states and 625 transitions. [2022-11-23 13:43:44,028 INFO L78 Accepts]: Start accepts. Automaton has 502 states and 625 transitions. Word has length 64 [2022-11-23 13:43:44,028 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 13:43:44,029 INFO L495 AbstractCegarLoop]: Abstraction has 502 states and 625 transitions. [2022-11-23 13:43:44,029 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 3 states have (on average 16.0) internal successors, (48), 4 states have internal predecessors, (48), 4 states have call successors, (8), 2 states have call predecessors, (8), 2 states have return successors, (7), 3 states have call predecessors, (7), 4 states have call successors, (7) [2022-11-23 13:43:44,029 INFO L276 IsEmpty]: Start isEmpty. Operand 502 states and 625 transitions. [2022-11-23 13:43:44,031 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 74 [2022-11-23 13:43:44,031 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 13:43:44,031 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 13:43:44,031 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2022-11-23 13:43:44,031 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 13:43:44,032 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 13:43:44,032 INFO L85 PathProgramCache]: Analyzing trace with hash 1058484858, now seen corresponding path program 1 times [2022-11-23 13:43:44,032 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 13:43:44,032 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1205258251] [2022-11-23 13:43:44,032 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 13:43:44,033 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 13:43:44,053 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 13:43:44,178 INFO L134 CoverageAnalysis]: Checked inductivity of 31 backedges. 17 proven. 6 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2022-11-23 13:43:44,179 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 13:43:44,179 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1205258251] [2022-11-23 13:43:44,179 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1205258251] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-23 13:43:44,181 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1280067317] [2022-11-23 13:43:44,181 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 13:43:44,181 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-23 13:43:44,181 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_15d0059e-2216-408e-8851-8983524924d1/bin/utaipan-Q6hlc19bkW/z3 [2022-11-23 13:43:44,186 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_15d0059e-2216-408e-8851-8983524924d1/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-23 13:43:44,212 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_15d0059e-2216-408e-8851-8983524924d1/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-11-23 13:43:44,303 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 13:43:44,306 INFO L263 TraceCheckSpWp]: Trace formula consists of 322 conjuncts, 4 conjunts are in the unsatisfiable core [2022-11-23 13:43:44,314 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-23 13:43:44,433 INFO L134 CoverageAnalysis]: Checked inductivity of 31 backedges. 31 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-23 13:43:44,434 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-11-23 13:43:44,434 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1280067317] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-23 13:43:44,434 INFO L184 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2022-11-23 13:43:44,434 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [7] total 8 [2022-11-23 13:43:44,435 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [757454566] [2022-11-23 13:43:44,435 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-23 13:43:44,436 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-23 13:43:44,437 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 13:43:44,437 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-23 13:43:44,437 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=21, Invalid=35, Unknown=0, NotChecked=0, Total=56 [2022-11-23 13:43:44,438 INFO L87 Difference]: Start difference. First operand 502 states and 625 transitions. Second operand has 3 states, 3 states have (on average 18.0) internal successors, (54), 3 states have internal predecessors, (54), 3 states have call successors, (10), 3 states have call predecessors, (10), 3 states have return successors, (9), 3 states have call predecessors, (9), 3 states have call successors, (9) [2022-11-23 13:43:44,544 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 13:43:44,544 INFO L93 Difference]: Finished difference Result 857 states and 1086 transitions. [2022-11-23 13:43:44,545 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-23 13:43:44,545 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 18.0) internal successors, (54), 3 states have internal predecessors, (54), 3 states have call successors, (10), 3 states have call predecessors, (10), 3 states have return successors, (9), 3 states have call predecessors, (9), 3 states have call successors, (9) Word has length 73 [2022-11-23 13:43:44,545 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 13:43:44,547 INFO L225 Difference]: With dead ends: 857 [2022-11-23 13:43:44,548 INFO L226 Difference]: Without dead ends: 477 [2022-11-23 13:43:44,549 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 80 GetRequests, 74 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 8 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=35, Unknown=0, NotChecked=0, Total=56 [2022-11-23 13:43:44,551 INFO L413 NwaCegarLoop]: 89 mSDtfsCounter, 38 mSDsluCounter, 42 mSDsCounter, 0 mSdLazyCounter, 43 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 38 SdHoareTripleChecker+Valid, 131 SdHoareTripleChecker+Invalid, 46 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 43 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-23 13:43:44,551 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [38 Valid, 131 Invalid, 46 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 43 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-23 13:43:44,552 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 477 states. [2022-11-23 13:43:44,609 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 477 to 477. [2022-11-23 13:43:44,610 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 477 states, 329 states have (on average 1.2279635258358663) internal successors, (404), 356 states have internal predecessors, (404), 74 states have call successors, (74), 65 states have call predecessors, (74), 73 states have return successors, (89), 73 states have call predecessors, (89), 74 states have call successors, (89) [2022-11-23 13:43:44,613 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 477 states to 477 states and 567 transitions. [2022-11-23 13:43:44,613 INFO L78 Accepts]: Start accepts. Automaton has 477 states and 567 transitions. Word has length 73 [2022-11-23 13:43:44,615 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 13:43:44,615 INFO L495 AbstractCegarLoop]: Abstraction has 477 states and 567 transitions. [2022-11-23 13:43:44,616 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 18.0) internal successors, (54), 3 states have internal predecessors, (54), 3 states have call successors, (10), 3 states have call predecessors, (10), 3 states have return successors, (9), 3 states have call predecessors, (9), 3 states have call successors, (9) [2022-11-23 13:43:44,616 INFO L276 IsEmpty]: Start isEmpty. Operand 477 states and 567 transitions. [2022-11-23 13:43:44,618 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 82 [2022-11-23 13:43:44,618 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 13:43:44,618 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 13:43:44,629 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_15d0059e-2216-408e-8851-8983524924d1/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-11-23 13:43:44,824 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8,2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_15d0059e-2216-408e-8851-8983524924d1/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-23 13:43:44,824 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 13:43:44,825 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 13:43:44,825 INFO L85 PathProgramCache]: Analyzing trace with hash 108431402, now seen corresponding path program 1 times [2022-11-23 13:43:44,825 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 13:43:44,825 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2056690074] [2022-11-23 13:43:44,825 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 13:43:44,826 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 13:43:44,843 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 13:43:45,048 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 11 proven. 6 refuted. 0 times theorem prover too weak. 15 trivial. 0 not checked. [2022-11-23 13:43:45,049 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 13:43:45,049 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2056690074] [2022-11-23 13:43:45,049 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2056690074] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-23 13:43:45,049 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1503185705] [2022-11-23 13:43:45,049 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 13:43:45,049 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-23 13:43:45,050 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_15d0059e-2216-408e-8851-8983524924d1/bin/utaipan-Q6hlc19bkW/z3 [2022-11-23 13:43:45,051 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_15d0059e-2216-408e-8851-8983524924d1/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-23 13:43:45,090 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_15d0059e-2216-408e-8851-8983524924d1/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2022-11-23 13:43:45,215 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 13:43:45,223 INFO L263 TraceCheckSpWp]: Trace formula consists of 347 conjuncts, 28 conjunts are in the unsatisfiable core [2022-11-23 13:43:45,226 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-23 13:43:45,491 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 19 proven. 11 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-23 13:43:45,491 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-23 13:43:45,922 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 12 proven. 6 refuted. 0 times theorem prover too weak. 14 trivial. 0 not checked. [2022-11-23 13:43:45,922 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1503185705] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-23 13:43:45,922 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [127342497] [2022-11-23 13:43:45,946 INFO L159 IcfgInterpreter]: Started Sifa with 52 locations of interest [2022-11-23 13:43:45,947 INFO L166 IcfgInterpreter]: Building call graph [2022-11-23 13:43:45,956 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-23 13:43:45,962 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-23 13:43:45,963 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-23 13:43:50,125 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 33 for LOIs [2022-11-23 13:43:50,131 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 47 for LOIs [2022-11-23 13:43:50,442 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__lowWaterSensor with input of size 42 for LOIs [2022-11-23 13:43:50,632 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 24 for LOIs [2022-11-23 13:43:50,695 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneLevelCritical with input of size 47 for LOIs [2022-11-23 13:43:50,713 INFO L197 IcfgInterpreter]: Interpreting procedure changeMethaneLevel with input of size 50 for LOIs [2022-11-23 13:43:50,725 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__base with input of size 27 for LOIs [2022-11-23 13:43:50,728 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-23 13:43:56,694 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '13967#(and (= ~pumpRunning~0 |timeShift_isPumpRunning_~retValue_acc~8#1|) (<= 0 (+ |timeShift___utac_acc__Specification2_spec__2_~tmp___0~0#1| 2147483648)) (= |timeShift___utac_acc__Specification2_spec__2_~tmp~3#1| ~methaneLevelCritical~0) (= ~head~0.offset 0) (= |timeShift_isPumpRunning_#res#1| |timeShift___utac_acc__Specification2_spec__2_~tmp___0~0#1|) (= 1 ~systemActive~0) (= |timeShift_isPumpRunning_#res#1| |timeShift_isPumpRunning_~retValue_acc~8#1|) (<= 0 ~methAndRunningLastTime~0) (<= 0 |old(~methAndRunningLastTime~0)|) (<= |old(~methAndRunningLastTime~0)| 1) (not (= |timeShift___utac_acc__Specification2_spec__2_~tmp~3#1| 0)) (<= 0 ~methaneLevelCritical~0) (= ~head~0.base 0) (= |#NULL.offset| 0) (not (= |timeShift___utac_acc__Specification2_spec__2_~tmp___0~0#1| 0)) (not (= ~methAndRunningLastTime~0 0)) (<= ~methAndRunningLastTime~0 1) (<= |timeShift___utac_acc__Specification2_spec__2_~tmp___0~0#1| 2147483647) (<= |timeShift___utac_acc__Specification2_spec__2_~tmp~3#1| 1) (<= 0 |#StackHeapBarrier|) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-23 13:43:56,695 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-23 13:43:56,695 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-23 13:43:56,695 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [9, 9, 11] total 20 [2022-11-23 13:43:56,695 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1602531083] [2022-11-23 13:43:56,695 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-23 13:43:56,696 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 20 states [2022-11-23 13:43:56,696 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 13:43:56,697 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 20 interpolants. [2022-11-23 13:43:56,698 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=270, Invalid=2486, Unknown=0, NotChecked=0, Total=2756 [2022-11-23 13:43:56,699 INFO L87 Difference]: Start difference. First operand 477 states and 567 transitions. Second operand has 20 states, 13 states have (on average 8.153846153846153) internal successors, (106), 16 states have internal predecessors, (106), 8 states have call successors, (28), 8 states have call predecessors, (28), 11 states have return successors, (27), 9 states have call predecessors, (27), 8 states have call successors, (27) [2022-11-23 13:43:58,363 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 13:43:58,364 INFO L93 Difference]: Finished difference Result 1200 states and 1462 transitions. [2022-11-23 13:43:58,364 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 24 states. [2022-11-23 13:43:58,364 INFO L78 Accepts]: Start accepts. Automaton has has 20 states, 13 states have (on average 8.153846153846153) internal successors, (106), 16 states have internal predecessors, (106), 8 states have call successors, (28), 8 states have call predecessors, (28), 11 states have return successors, (27), 9 states have call predecessors, (27), 8 states have call successors, (27) Word has length 81 [2022-11-23 13:43:58,365 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 13:43:58,369 INFO L225 Difference]: With dead ends: 1200 [2022-11-23 13:43:58,369 INFO L226 Difference]: Without dead ends: 979 [2022-11-23 13:43:58,371 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 277 GetRequests, 190 SyntacticMatches, 17 SemanticMatches, 70 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2217 ImplicationChecksByTransitivity, 6.6s TimeCoverageRelationStatistics Valid=479, Invalid=4633, Unknown=0, NotChecked=0, Total=5112 [2022-11-23 13:43:58,372 INFO L413 NwaCegarLoop]: 59 mSDtfsCounter, 577 mSDsluCounter, 466 mSDsCounter, 0 mSdLazyCounter, 1849 mSolverCounterSat, 301 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.9s Time, 0 mProtectedPredicate, 0 mProtectedAction, 585 SdHoareTripleChecker+Valid, 525 SdHoareTripleChecker+Invalid, 2150 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 301 IncrementalHoareTripleChecker+Valid, 1849 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.1s IncrementalHoareTripleChecker+Time [2022-11-23 13:43:58,372 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [585 Valid, 525 Invalid, 2150 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [301 Valid, 1849 Invalid, 0 Unknown, 0 Unchecked, 1.1s Time] [2022-11-23 13:43:58,374 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 979 states. [2022-11-23 13:43:58,437 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 979 to 841. [2022-11-23 13:43:58,439 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 841 states, 585 states have (on average 1.2290598290598291) internal successors, (719), 626 states have internal predecessors, (719), 126 states have call successors, (126), 111 states have call predecessors, (126), 129 states have return successors, (152), 131 states have call predecessors, (152), 126 states have call successors, (152) [2022-11-23 13:43:58,442 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 841 states to 841 states and 997 transitions. [2022-11-23 13:43:58,442 INFO L78 Accepts]: Start accepts. Automaton has 841 states and 997 transitions. Word has length 81 [2022-11-23 13:43:58,443 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 13:43:58,443 INFO L495 AbstractCegarLoop]: Abstraction has 841 states and 997 transitions. [2022-11-23 13:43:58,443 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 20 states, 13 states have (on average 8.153846153846153) internal successors, (106), 16 states have internal predecessors, (106), 8 states have call successors, (28), 8 states have call predecessors, (28), 11 states have return successors, (27), 9 states have call predecessors, (27), 8 states have call successors, (27) [2022-11-23 13:43:58,443 INFO L276 IsEmpty]: Start isEmpty. Operand 841 states and 997 transitions. [2022-11-23 13:43:58,446 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 85 [2022-11-23 13:43:58,446 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 13:43:58,446 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 13:43:58,464 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_15d0059e-2216-408e-8851-8983524924d1/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2022-11-23 13:43:58,651 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9,3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_15d0059e-2216-408e-8851-8983524924d1/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-23 13:43:58,652 INFO L420 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 13:43:58,652 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 13:43:58,652 INFO L85 PathProgramCache]: Analyzing trace with hash -2024719011, now seen corresponding path program 1 times [2022-11-23 13:43:58,652 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 13:43:58,653 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1326358130] [2022-11-23 13:43:58,653 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 13:43:58,653 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 13:43:58,673 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 13:43:58,971 INFO L134 CoverageAnalysis]: Checked inductivity of 35 backedges. 6 proven. 16 refuted. 0 times theorem prover too weak. 13 trivial. 0 not checked. [2022-11-23 13:43:58,971 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 13:43:58,971 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1326358130] [2022-11-23 13:43:58,971 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1326358130] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-23 13:43:58,971 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [252294835] [2022-11-23 13:43:58,972 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 13:43:58,972 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-23 13:43:58,972 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_15d0059e-2216-408e-8851-8983524924d1/bin/utaipan-Q6hlc19bkW/z3 [2022-11-23 13:43:58,973 INFO L229 MonitoredProcess]: Starting monitored process 4 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_15d0059e-2216-408e-8851-8983524924d1/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-23 13:43:59,002 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_15d0059e-2216-408e-8851-8983524924d1/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2022-11-23 13:43:59,080 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 13:43:59,082 INFO L263 TraceCheckSpWp]: Trace formula consists of 353 conjuncts, 34 conjunts are in the unsatisfiable core [2022-11-23 13:43:59,085 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-23 13:43:59,549 INFO L134 CoverageAnalysis]: Checked inductivity of 35 backedges. 17 proven. 18 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-23 13:43:59,549 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-23 13:44:00,272 INFO L134 CoverageAnalysis]: Checked inductivity of 35 backedges. 13 proven. 3 refuted. 0 times theorem prover too weak. 19 trivial. 0 not checked. [2022-11-23 13:44:00,273 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [252294835] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-23 13:44:00,273 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1752860065] [2022-11-23 13:44:00,275 INFO L159 IcfgInterpreter]: Started Sifa with 52 locations of interest [2022-11-23 13:44:00,275 INFO L166 IcfgInterpreter]: Building call graph [2022-11-23 13:44:00,276 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-23 13:44:00,276 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-23 13:44:00,276 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-23 13:44:04,009 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 49 for LOIs [2022-11-23 13:44:04,017 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 47 for LOIs [2022-11-23 13:44:04,306 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__lowWaterSensor with input of size 40 for LOIs [2022-11-23 13:44:04,446 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 60 for LOIs [2022-11-23 13:44:04,655 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneLevelCritical with input of size 41 for LOIs [2022-11-23 13:44:04,660 INFO L197 IcfgInterpreter]: Interpreting procedure changeMethaneLevel with input of size 50 for LOIs [2022-11-23 13:44:04,668 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__base with input of size 36 for LOIs [2022-11-23 13:44:04,671 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-23 13:44:12,134 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '17602#(and (= ~pumpRunning~0 |timeShift_isPumpRunning_~retValue_acc~8#1|) (<= 0 (+ |timeShift___utac_acc__Specification2_spec__2_~tmp___0~0#1| 2147483648)) (= |timeShift___utac_acc__Specification2_spec__2_~tmp~3#1| ~methaneLevelCritical~0) (= ~head~0.offset 0) (= |timeShift_isPumpRunning_#res#1| |timeShift___utac_acc__Specification2_spec__2_~tmp___0~0#1|) (= 1 ~systemActive~0) (= |timeShift_isPumpRunning_#res#1| |timeShift_isPumpRunning_~retValue_acc~8#1|) (<= 0 ~methAndRunningLastTime~0) (<= 0 |old(~methAndRunningLastTime~0)|) (not (= |timeShift___utac_acc__Specification2_spec__2_~tmp~3#1| 0)) (<= 0 ~methaneLevelCritical~0) (= ~head~0.base 0) (= |#NULL.offset| 0) (not (= |timeShift___utac_acc__Specification2_spec__2_~tmp___0~0#1| 0)) (not (= ~methAndRunningLastTime~0 0)) (<= |timeShift___utac_acc__Specification2_spec__2_~tmp___0~0#1| 2147483647) (<= |timeShift___utac_acc__Specification2_spec__2_~tmp~3#1| 1) (<= 0 |#StackHeapBarrier|) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-23 13:44:12,135 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-23 13:44:12,135 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-23 13:44:12,135 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [13, 13, 16] total 37 [2022-11-23 13:44:12,135 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1400441628] [2022-11-23 13:44:12,135 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-23 13:44:12,136 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 37 states [2022-11-23 13:44:12,136 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 13:44:12,137 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 37 interpolants. [2022-11-23 13:44:12,138 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=485, Invalid=4771, Unknown=0, NotChecked=0, Total=5256 [2022-11-23 13:44:12,139 INFO L87 Difference]: Start difference. First operand 841 states and 997 transitions. Second operand has 37 states, 29 states have (on average 4.689655172413793) internal successors, (136), 31 states have internal predecessors, (136), 17 states have call successors, (36), 13 states have call predecessors, (36), 15 states have return successors, (33), 15 states have call predecessors, (33), 17 states have call successors, (33) [2022-11-23 13:44:25,493 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 13:44:25,493 INFO L93 Difference]: Finished difference Result 3526 states and 4431 transitions. [2022-11-23 13:44:25,493 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 228 states. [2022-11-23 13:44:25,494 INFO L78 Accepts]: Start accepts. Automaton has has 37 states, 29 states have (on average 4.689655172413793) internal successors, (136), 31 states have internal predecessors, (136), 17 states have call successors, (36), 13 states have call predecessors, (36), 15 states have return successors, (33), 15 states have call predecessors, (33), 17 states have call successors, (33) Word has length 84 [2022-11-23 13:44:25,494 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 13:44:25,496 INFO L225 Difference]: With dead ends: 3526 [2022-11-23 13:44:25,496 INFO L226 Difference]: Without dead ends: 0 [2022-11-23 13:44:25,512 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 529 GetRequests, 217 SyntacticMatches, 15 SemanticMatches, 297 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 36316 ImplicationChecksByTransitivity, 16.0s TimeCoverageRelationStatistics Valid=6324, Invalid=82778, Unknown=0, NotChecked=0, Total=89102 [2022-11-23 13:44:25,512 INFO L413 NwaCegarLoop]: 209 mSDtfsCounter, 2870 mSDsluCounter, 2609 mSDsCounter, 0 mSdLazyCounter, 7643 mSolverCounterSat, 2447 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 4.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 2870 SdHoareTripleChecker+Valid, 2818 SdHoareTripleChecker+Invalid, 10090 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.1s SdHoareTripleChecker+Time, 2447 IncrementalHoareTripleChecker+Valid, 7643 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 4.8s IncrementalHoareTripleChecker+Time [2022-11-23 13:44:25,513 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [2870 Valid, 2818 Invalid, 10090 Unknown, 0 Unchecked, 0.1s Time], IncrementalHoareTripleChecker [2447 Valid, 7643 Invalid, 0 Unknown, 0 Unchecked, 4.8s Time] [2022-11-23 13:44:25,513 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-11-23 13:44:25,513 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-11-23 13:44:25,514 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-23 13:44:25,514 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-11-23 13:44:25,514 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 84 [2022-11-23 13:44:25,514 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 13:44:25,515 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-11-23 13:44:25,515 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 37 states, 29 states have (on average 4.689655172413793) internal successors, (136), 31 states have internal predecessors, (136), 17 states have call successors, (36), 13 states have call predecessors, (36), 15 states have return successors, (33), 15 states have call predecessors, (33), 17 states have call successors, (33) [2022-11-23 13:44:25,515 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-11-23 13:44:25,515 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-11-23 13:44:25,518 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-11-23 13:44:25,527 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_15d0059e-2216-408e-8851-8983524924d1/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Forceful destruction successful, exit code 0 [2022-11-23 13:44:25,723 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 4 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_15d0059e-2216-408e-8851-8983524924d1/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable10 [2022-11-23 13:44:25,725 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-11-23 13:44:47,614 INFO L895 garLoopResultBuilder]: At program point deactivatePumpENTRY(lines 702 709) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not (<= 1 |old(~pumpRunning~0)|)))) (and (or .cse0 .cse1 .cse2 (not (= ~methaneLevelCritical~0 0))) (or .cse0 .cse1 .cse2 (not (= ~methaneLevelCritical~0 1))))) [2022-11-23 13:44:47,614 INFO L899 garLoopResultBuilder]: For program point deactivatePumpEXIT(lines 702 709) no Hoare annotation was computed. [2022-11-23 13:44:47,615 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 609 615) no Hoare annotation was computed. [2022-11-23 13:44:47,615 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 609 615) the Hoare annotation is: true [2022-11-23 13:44:47,615 INFO L895 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 459 470) the Hoare annotation is: (let ((.cse4 (not (= 0 ~systemActive~0))) (.cse0 (not (= ~pumpRunning~0 0))) (.cse1 (= ~methaneLevelCritical~0 1)) (.cse2 (not (= |old(~methaneLevelCritical~0)| 1))) (.cse3 (not (= ~methAndRunningLastTime~0 0))) (.cse5 (not (= |old(~methaneLevelCritical~0)| 0))) (.cse7 (not (= 1 ~systemActive~0))) (.cse6 (= |old(~methaneLevelCritical~0)| ~methaneLevelCritical~0)) (.cse8 (not (<= 1 ~pumpRunning~0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse5 .cse0 .cse6 .cse3 .cse4) (or .cse5 .cse0 .cse7 .cse6 .cse3) (or .cse7 .cse8 .cse1 .cse2) (or .cse0 .cse7 .cse1 .cse2 .cse3) (or .cse5 .cse7 .cse6 .cse8))) [2022-11-23 13:44:47,615 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 459 470) no Hoare annotation was computed. [2022-11-23 13:44:47,616 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 937 966) no Hoare annotation was computed. [2022-11-23 13:44:47,616 INFO L899 garLoopResultBuilder]: For program point L958(line 958) no Hoare annotation was computed. [2022-11-23 13:44:47,616 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 937 966) the Hoare annotation is: true [2022-11-23 13:44:47,616 INFO L899 garLoopResultBuilder]: For program point L951(lines 951 955) no Hoare annotation was computed. [2022-11-23 13:44:47,616 INFO L902 garLoopResultBuilder]: At program point L951-1(lines 951 955) the Hoare annotation is: true [2022-11-23 13:44:47,616 INFO L902 garLoopResultBuilder]: At program point L947-2(lines 947 961) the Hoare annotation is: true [2022-11-23 13:44:47,617 INFO L902 garLoopResultBuilder]: At program point L943(line 943) the Hoare annotation is: true [2022-11-23 13:44:47,617 INFO L899 garLoopResultBuilder]: For program point L943-1(line 943) no Hoare annotation was computed. [2022-11-23 13:44:47,617 INFO L902 garLoopResultBuilder]: At program point L962(lines 937 966) the Hoare annotation is: true [2022-11-23 13:44:47,617 INFO L895 garLoopResultBuilder]: At program point L688(line 688) the Hoare annotation is: (let ((.cse9 (not (= 0 ~systemActive~0))) (.cse7 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (not (= ~methaneLevelCritical~0 1))) (.cse5 (not (= |old(~waterLevel~0)| 0))) (.cse6 (= ~waterLevel~0 0)) (.cse10 (not (= |old(~waterLevel~0)| 1))) (.cse11 (= ~waterLevel~0 1)) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse2 (not (= 1 ~systemActive~0))) (.cse8 (not (= ~methaneLevelCritical~0 0))) (.cse4 (and (= ~pumpRunning~0 0) (= ~methAndRunningLastTime~0 0) (<= |old(~waterLevel~0)| ~waterLevel~0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse0 .cse1 .cse2 .cse5 .cse3 .cse6) (or .cse2 .cse7 .cse8) (or .cse0 .cse3 .cse9) (or .cse0 .cse8 .cse9) (or .cse2 .cse7 .cse3) (or .cse0 .cse1 .cse10 .cse2 .cse3 .cse11) (or .cse0 .cse1 .cse2 .cse8 .cse5 .cse6) (or .cse0 .cse1 .cse10 .cse2 .cse8 .cse11) (or .cse0 .cse1 .cse2 .cse8 .cse4))) [2022-11-23 13:44:47,618 INFO L895 garLoopResultBuilder]: At program point L688-1(lines 669 693) the Hoare annotation is: (let ((.cse8 (<= 1 ~pumpRunning~0)) (.cse18 (= ~waterLevel~0 1)) (.cse14 (= ~methAndRunningLastTime~0 0)) (.cse15 (<= |old(~waterLevel~0)| ~waterLevel~0)) (.cse10 (= 1 ~systemActive~0))) (let ((.cse11 (not (= 0 ~systemActive~0))) (.cse3 (not (= |old(~waterLevel~0)| 0))) (.cse5 (= ~waterLevel~0 0)) (.cse6 (not (<= 1 |old(~pumpRunning~0)|))) (.cse12 (< |old(~waterLevel~0)| 2)) (.cse13 (<= 1 ~waterLevel~0)) (.cse17 (not (= |old(~waterLevel~0)| 1))) (.cse7 (not (= ~methaneLevelCritical~0 0))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse2 (not .cse10)) (.cse4 (not (= ~methaneLevelCritical~0 1))) (.cse16 (and .cse8 (not .cse18) .cse14 .cse15)) (.cse9 (= ~pumpRunning~0 0))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (or .cse2 .cse6 .cse7 (and .cse8 .cse5) (and .cse9 .cse10)) (or .cse0 .cse4 .cse11) (or .cse2 .cse6 .cse7 .cse3 .cse5) (or .cse2 .cse6 .cse12 .cse13 .cse4) (or .cse1 .cse14 .cse2 .cse6 .cse7) (or .cse0 .cse7 .cse11) (or .cse2 .cse6 .cse3 .cse4 .cse5) (or .cse2 .cse6 (and .cse9 (= |timeShift_processEnvironment_~tmp~6#1| 1) .cse10) .cse4) (or .cse0 .cse1 .cse2 .cse7 (and .cse9 .cse14 .cse15) .cse16) (or .cse0 .cse1 .cse17 .cse2 (and .cse14 .cse18) .cse4) (or .cse0 .cse1 .cse2 .cse7 .cse3 .cse5) (or .cse2 .cse6 .cse12 .cse7 .cse13) (or .cse0 .cse1 .cse17 .cse2 .cse7 .cse18) (or .cse0 .cse1 .cse2 .cse4 .cse16 (and .cse9 .cse10 .cse15))))) [2022-11-23 13:44:47,618 INFO L899 garLoopResultBuilder]: For program point L589-1(lines 588 607) no Hoare annotation was computed. [2022-11-23 13:44:47,619 INFO L895 garLoopResultBuilder]: At program point L552(line 552) the Hoare annotation is: (let ((.cse12 (<= 1 ~pumpRunning~0)) (.cse19 (<= |old(~waterLevel~0)| ~waterLevel~0)) (.cse13 (= 1 ~systemActive~0)) (.cse5 (= ~methAndRunningLastTime~0 0)) (.cse15 (= ~waterLevel~0 1))) (let ((.cse6 (not (= ~methaneLevelCritical~0 ~systemActive~0))) (.cse18 (<= 2 ~waterLevel~0)) (.cse11 (not (<= 1 |old(~pumpRunning~0)|))) (.cse16 (< |old(~waterLevel~0)| 2)) (.cse17 (<= 1 ~waterLevel~0)) (.cse2 (not (= ~methaneLevelCritical~0 0))) (.cse14 (not (= |old(~waterLevel~0)| 1))) (.cse21 (and .cse5 .cse15)) (.cse8 (not (= |old(~waterLevel~0)| 0))) (.cse10 (= ~waterLevel~0 0)) (.cse3 (not (= 0 ~systemActive~0))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse4 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse7 (not .cse13)) (.cse9 (not (= ~methaneLevelCritical~0 1))) (.cse20 (and .cse12 (not .cse15) .cse5 .cse19)) (.cse1 (= ~pumpRunning~0 0))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse0 .cse4 .cse5 .cse6 .cse3) (or .cse0 .cse4 .cse7 .cse8 .cse9 .cse10) (or .cse7 .cse11 .cse2 (and .cse12 .cse10) (and .cse1 .cse13)) (or .cse0 .cse4 .cse14 .cse6 .cse15 .cse3) (or .cse7 .cse11 .cse2 .cse8 .cse10) (or .cse7 .cse11 .cse16 .cse17 .cse9) (or .cse0 .cse18 .cse16 .cse6 .cse3) (or .cse4 .cse5 .cse7 .cse11 .cse2) (or .cse0 .cse18 .cse9 .cse3 (not (<= 2 |old(~waterLevel~0)|))) (or .cse0 .cse2 .cse8 .cse10 .cse3) (or .cse7 .cse11 .cse8 .cse9 .cse10) (or .cse7 .cse11 (and .cse1 (= |timeShift_processEnvironment_~tmp~6#1| 1) .cse13) .cse9) (or .cse0 .cse4 .cse7 .cse2 (and .cse1 .cse5 .cse19) .cse20) (or .cse0 .cse4 .cse14 .cse7 .cse21 .cse9) (or .cse0 .cse4 .cse7 .cse2 .cse8 .cse10) (or .cse7 .cse11 .cse16 .cse2 .cse17) (or .cse0 .cse4 .cse14 .cse7 .cse2 .cse15) (or .cse0 .cse1 .cse9 .cse3) (or .cse0 .cse4 .cse14 .cse21 .cse9 .cse3) (or .cse0 .cse8 .cse9 .cse10 .cse3) (or .cse0 .cse4 .cse7 .cse9 .cse20 (and .cse1 .cse13 .cse19))))) [2022-11-23 13:44:47,619 INFO L899 garLoopResultBuilder]: For program point L552-1(line 552) no Hoare annotation was computed. [2022-11-23 13:44:47,620 INFO L895 garLoopResultBuilder]: At program point L420(line 420) the Hoare annotation is: (let ((.cse5 (not (= 0 ~systemActive~0))) (.cse2 (not (= ~methaneLevelCritical~0 0))) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (not (= |old(~pumpRunning~0)| 0))) (.cse6 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse0 (not (= 1 ~systemActive~0))) (.cse4 (not (= ~methaneLevelCritical~0 1)))) (and (or .cse0 .cse1 .cse2) (or .cse3 .cse4 .cse5) (or .cse3 .cse2 .cse5) (or .cse3 .cse6 .cse0 .cse2) (or .cse0 .cse1 .cse4) (or .cse3 .cse6 .cse0 .cse4))) [2022-11-23 13:44:47,620 INFO L899 garLoopResultBuilder]: For program point L677(lines 677 685) no Hoare annotation was computed. [2022-11-23 13:44:47,620 INFO L899 garLoopResultBuilder]: For program point L673(lines 673 690) no Hoare annotation was computed. [2022-11-23 13:44:47,620 INFO L899 garLoopResultBuilder]: For program point L558(lines 558 568) no Hoare annotation was computed. [2022-11-23 13:44:47,621 INFO L895 garLoopResultBuilder]: At program point L715(line 715) the Hoare annotation is: (let ((.cse6 (not (= 0 ~systemActive~0))) (.cse3 (not (= ~methaneLevelCritical~0 0))) (.cse4 (not (= |old(~pumpRunning~0)| 0))) (.cse9 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse7 (not (= |old(~waterLevel~0)| 0))) (.cse8 (= ~waterLevel~0 0)) (.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse2 (and (<= 1 ~pumpRunning~0) (or (<= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse10 (+ ~waterLevel~0 1))) (and (< 0 .cse10) (<= |old(~waterLevel~0)| .cse10)))))) (.cse5 (not (= ~methaneLevelCritical~0 1)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse4 .cse5 .cse6) (or .cse0 .cse1 .cse3 .cse7 .cse8) (or .cse9 (= ~methAndRunningLastTime~0 0) .cse0 .cse1 .cse3) (or .cse4 .cse3 .cse6) (or .cse4 .cse9 .cse0 .cse3) (or .cse4 .cse9 .cse0 .cse5) (or .cse0 .cse1 .cse7 .cse5 .cse8) (or .cse0 .cse1 .cse2 .cse5))) [2022-11-23 13:44:47,621 INFO L895 garLoopResultBuilder]: At program point L715-1(line 715) the Hoare annotation is: (let ((.cse6 (not (= 0 ~systemActive~0))) (.cse5 (not (= |old(~pumpRunning~0)| 0))) (.cse10 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse8 (not (= |old(~waterLevel~0)| 0))) (.cse4 (not (= ~methaneLevelCritical~0 1))) (.cse9 (= ~waterLevel~0 0)) (.cse0 (not (= 1 ~systemActive~0))) (.cse3 (not (<= 1 |old(~pumpRunning~0)|))) (.cse1 (<= 1 ~pumpRunning~0)) (.cse2 (or (let ((.cse11 (+ ~waterLevel~0 1))) (and (not (= ~pumpRunning~0 0)) (< 0 .cse11) (<= |old(~waterLevel~0)| .cse11))) (<= |old(~waterLevel~0)| ~waterLevel~0))) (.cse7 (not (= ~methaneLevelCritical~0 0)))) (and (or .cse0 (and .cse1 (= |timeShift_isMethaneAlarm_#t~ret37#1| 1) .cse2) .cse3 .cse4) (or .cse5 .cse4 .cse6) (or .cse0 .cse3 .cse7 .cse8 .cse9) (or .cse10 (= ~methAndRunningLastTime~0 0) .cse0 .cse3 .cse7) (or .cse5 .cse7 .cse6) (or .cse5 .cse10 .cse0 .cse7) (or .cse5 .cse10 .cse0 .cse4) (or .cse0 .cse3 .cse8 .cse4 .cse9) (or .cse0 .cse3 (and .cse1 .cse2) .cse7))) [2022-11-23 13:44:47,622 INFO L895 garLoopResultBuilder]: At program point L554(lines 554 571) the Hoare annotation is: (let ((.cse16 (= 1 ~systemActive~0)) (.cse2 (= ~methAndRunningLastTime~0 0)) (.cse23 (= ~waterLevel~0 1))) (let ((.cse9 (<= 2 ~waterLevel~0)) (.cse11 (not (<= 2 |old(~waterLevel~0)|))) (.cse13 (< |old(~waterLevel~0)| 2)) (.cse14 (<= 1 ~waterLevel~0)) (.cse12 (not (<= 1 |old(~pumpRunning~0)|))) (.cse19 (= |timeShift___utac_acc__Specification2_spec__2_~tmp~3#1| 0)) (.cse3 (not (= ~methaneLevelCritical~0 ~systemActive~0))) (.cse18 (and .cse2 .cse23)) (.cse6 (not (= |old(~waterLevel~0)| 0))) (.cse8 (= ~waterLevel~0 0)) (.cse17 (not (= |old(~waterLevel~0)| 1))) (.cse10 (not (= ~methaneLevelCritical~0 0))) (.cse4 (not (= 0 ~systemActive~0))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse5 (not .cse16)) (.cse7 (not (= ~methaneLevelCritical~0 1))) (.cse21 (<= 1 ~pumpRunning~0)) (.cse22 (not .cse23)) (.cse15 (= ~pumpRunning~0 0)) (.cse20 (<= |old(~waterLevel~0)| ~waterLevel~0))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse0 .cse1 .cse5 .cse6 .cse7 .cse8) (or .cse0 .cse9 .cse10 .cse4 .cse11) (or .cse5 .cse12 .cse10 .cse6 .cse8) (or .cse5 .cse12 .cse13 .cse14 .cse7) (or .cse1 .cse2 .cse5 .cse12 .cse10) (or .cse0 .cse9 .cse7 .cse4 .cse11) (or .cse0 .cse10 .cse6 .cse8 .cse4) (or .cse5 .cse12 .cse6 .cse7 .cse8) (or .cse5 .cse12 (and .cse15 (= |timeShift_processEnvironment_~tmp~6#1| 1) .cse16) .cse7) (or .cse0 .cse1 .cse17 .cse5 .cse18 .cse7) (or .cse0 .cse1 .cse5 .cse10 .cse6 .cse8) (or .cse5 .cse12 .cse13 .cse10 .cse14) (or (and .cse15 .cse19 .cse2 .cse20) .cse0 .cse1 .cse5 .cse10 (and .cse21 .cse22 .cse19 .cse2 .cse20)) (or (and .cse21 .cse19 .cse8) .cse5 (and .cse15 .cse19 .cse16) .cse12 .cse10) (or .cse0 .cse1 .cse17 .cse5 .cse10 .cse23) (or .cse0 .cse15 .cse7 .cse4) (or .cse0 (and .cse15 .cse19) .cse3 .cse4) (or .cse0 .cse1 .cse17 .cse18 .cse7 .cse4) (or .cse0 .cse6 .cse7 .cse8 .cse4) (or .cse0 .cse1 .cse17 .cse10 .cse23 .cse4) (or .cse0 .cse1 .cse5 .cse7 (and .cse21 .cse22 .cse2 .cse20) (and .cse15 .cse16 .cse20))))) [2022-11-23 13:44:47,622 INFO L895 garLoopResultBuilder]: At program point L554-1(lines 546 574) the Hoare annotation is: (let ((.cse9 (<= 1 ~pumpRunning~0)) (.cse24 (= ~methaneLevelCritical~0 0)) (.cse4 (= ~pumpRunning~0 0)) (.cse5 (= |timeShift___utac_acc__Specification2_spec__2_~tmp~3#1| 0)) (.cse6 (= ~methAndRunningLastTime~0 0)) (.cse7 (= 1 ~systemActive~0)) (.cse12 (= ~waterLevel~0 0)) (.cse23 (= ~waterLevel~0 1))) (let ((.cse20 (<= 2 ~waterLevel~0)) (.cse21 (not (= ~methaneLevelCritical~0 ~systemActive~0))) (.cse10 (not .cse23)) (.cse8 (<= |old(~waterLevel~0)| ~waterLevel~0)) (.cse18 (< |old(~waterLevel~0)| 2)) (.cse19 (<= 1 ~waterLevel~0)) (.cse15 (and .cse4 .cse5 .cse6 .cse7 .cse12)) (.cse11 (not (<= 1 |old(~pumpRunning~0)|))) (.cse16 (and .cse9 .cse5 .cse6 .cse24 .cse7 (= |old(~waterLevel~0)| ~waterLevel~0) .cse12)) (.cse2 (not .cse7)) (.cse13 (not (= |old(~waterLevel~0)| 0))) (.cse14 (not (= ~methaneLevelCritical~0 1))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse22 (not (= |old(~waterLevel~0)| 1))) (.cse3 (not .cse24)) (.cse17 (not (= 0 ~systemActive~0)))) (and (or .cse0 .cse1 .cse2 .cse3 (and .cse4 .cse5 .cse6 .cse7 .cse8) (and .cse9 .cse10 .cse5 .cse6 .cse8)) (or .cse2 .cse11 .cse3 (and .cse4 .cse5 .cse6 .cse7) (and .cse9 .cse5 .cse6 .cse12)) (or .cse0 .cse1 .cse2 .cse13 .cse14 .cse12) (or .cse0 .cse1 .cse15 .cse2 .cse3 .cse13 .cse16) (or .cse2 .cse11 (and .cse4 .cse6 (= |timeShift_processEnvironment_~tmp~6#1| 1) .cse7) .cse14) (or .cse0 .cse14 .cse17 (and .cse4 .cse6)) (or .cse2 .cse11 .cse18 .cse19 .cse14) (or .cse0 .cse20 .cse18 .cse21 .cse17) (or .cse0 .cse20 .cse14 .cse17 (not (<= 2 |old(~waterLevel~0)|))) (or .cse0 .cse3 .cse13 .cse12 .cse17) (or .cse0 .cse1 .cse22 .cse2 .cse14 .cse23) (or .cse0 (and .cse4 .cse5 .cse6) .cse21 .cse17) (or .cse0 .cse1 .cse2 (and .cse9 .cse10 .cse8) .cse14 (and .cse4 .cse6 .cse7 .cse8)) (or .cse2 .cse11 .cse13 .cse14 .cse12) (or .cse2 .cse11 .cse18 .cse3 .cse19) (or .cse15 .cse2 .cse11 .cse3 .cse13 .cse16) (or .cse0 .cse1 .cse22 .cse2 .cse3 .cse23) (or .cse0 .cse1 .cse22 .cse14 .cse23 .cse17) (or .cse0 .cse13 .cse14 .cse12 .cse17) (or .cse0 .cse1 .cse22 .cse3 .cse23 .cse17)))) [2022-11-23 13:44:47,623 INFO L899 garLoopResultBuilder]: For program point L596-1(lines 596 602) no Hoare annotation was computed. [2022-11-23 13:44:47,623 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 585 608) the Hoare annotation is: (let ((.cse6 (= ~methAndRunningLastTime~0 0)) (.cse13 (= ~pumpRunning~0 0)) (.cse14 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse12 (= 0 ~systemActive~0))) (let ((.cse7 (not (= ~methaneLevelCritical~0 ~systemActive~0))) (.cse9 (and .cse13 .cse14 .cse12)) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (and (<= 1 ~pumpRunning~0) .cse14)) (.cse0 (not (= 1 ~systemActive~0))) (.cse11 (and .cse13 .cse6 .cse14)) (.cse2 (not (= ~methaneLevelCritical~0 0))) (.cse4 (not (= |old(~pumpRunning~0)| 0))) (.cse5 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse10 (not (= ~methaneLevelCritical~0 1))) (.cse8 (not .cse12))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse4 .cse5 .cse6 .cse7 .cse8) (or .cse4 .cse7 .cse9 .cse8) (or .cse4 .cse10 .cse9 .cse8) (or .cse5 .cse6 .cse0 .cse1 .cse2) (or .cse0 .cse1 .cse10 .cse3) (or .cse4 .cse5 .cse0 .cse11 .cse10) (or .cse4 .cse5 .cse0 .cse11 .cse2) (or .cse4 .cse5 .cse6 (not (= |old(~waterLevel~0)| 1)) .cse10 .cse8)))) [2022-11-23 13:44:47,623 INFO L899 garLoopResultBuilder]: For program point L559(lines 559 565) no Hoare annotation was computed. [2022-11-23 13:44:47,624 INFO L895 garLoopResultBuilder]: At program point L683(line 683) the Hoare annotation is: (let ((.cse6 (not (= 0 ~systemActive~0))) (.cse3 (not (= ~methaneLevelCritical~0 0))) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse4 (not (= |old(~pumpRunning~0)| 0))) (.cse7 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse0 (not (= 1 ~systemActive~0))) (.cse5 (not (= ~methaneLevelCritical~0 1)))) (and (or .cse0 .cse1 (and (<= 1 ~pumpRunning~0) (or (<= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse2 (+ ~waterLevel~0 1))) (and (< 0 .cse2) (<= |old(~waterLevel~0)| .cse2))))) .cse3) (or .cse4 .cse5 .cse6) (or .cse0 .cse1 .cse3 (not (= |old(~waterLevel~0)| 0)) (= ~waterLevel~0 0)) (or .cse7 (= ~methAndRunningLastTime~0 0) .cse0 .cse1 .cse3) (or .cse4 .cse3 .cse6) (or .cse4 .cse7 .cse0 .cse3) (or .cse0 .cse1 .cse5) (or .cse4 .cse7 .cse0 .cse5))) [2022-11-23 13:44:47,624 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 585 608) no Hoare annotation was computed. [2022-11-23 13:44:47,624 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 420) no Hoare annotation was computed. [2022-11-23 13:44:47,624 INFO L895 garLoopResultBuilder]: At program point L679(line 679) the Hoare annotation is: (let ((.cse3 (<= 1 ~pumpRunning~0)) (.cse4 (or (let ((.cse11 (+ ~waterLevel~0 1))) (and (not (= ~pumpRunning~0 0)) (< 0 .cse11) (<= |old(~waterLevel~0)| .cse11))) (<= |old(~waterLevel~0)| ~waterLevel~0))) (.cse7 (not (= 0 ~systemActive~0))) (.cse5 (not (= ~methaneLevelCritical~0 0))) (.cse6 (not (= |old(~pumpRunning~0)| 0))) (.cse10 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse8 (not (= |old(~waterLevel~0)| 0))) (.cse2 (not (= ~methaneLevelCritical~0 1))) (.cse9 (= ~waterLevel~0 0))) (and (or .cse0 .cse1 .cse2 (and .cse3 (= |timeShift_processEnvironment_~tmp~6#1| 1) .cse4)) (or (and .cse3 .cse4 (not (= |timeShift_processEnvironment_~tmp~6#1| 0))) .cse0 .cse1 .cse5) (or .cse6 .cse2 .cse7) (or .cse0 .cse1 .cse5 .cse8 .cse9) (or .cse10 (= ~methAndRunningLastTime~0 0) .cse0 .cse1 .cse5) (or .cse6 .cse5 .cse7) (or .cse6 .cse10 .cse0 .cse5) (or .cse6 .cse10 .cse0 .cse2) (or .cse0 .cse1 .cse8 .cse2 .cse9))) [2022-11-23 13:44:47,625 INFO L902 garLoopResultBuilder]: At program point isMethaneLevelCriticalENTRY(lines 471 479) the Hoare annotation is: true [2022-11-23 13:44:47,625 INFO L899 garLoopResultBuilder]: For program point isMethaneLevelCriticalEXIT(lines 471 479) no Hoare annotation was computed. [2022-11-23 13:44:47,625 INFO L895 garLoopResultBuilder]: At program point L861(line 861) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse6 (= ~methaneLevelCritical~0 0)) (.cse1 (= 1 ~systemActive~0)) (.cse4 (= ~pumpRunning~0 0)) (.cse5 (= ~methAndRunningLastTime~0 0)) (.cse2 (= ~methaneLevelCritical~0 1)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse7 (= 0 ~systemActive~0))) (or (and .cse0 .cse1 .cse2 .cse3) (and .cse4 .cse5 .cse1 .cse2 .cse3) (and .cse4 .cse5 .cse6 .cse1 .cse3) (and .cse4 .cse5 .cse6 .cse3 .cse7) (and .cse0 .cse6 .cse1 .cse3) (and .cse4 .cse5 .cse2 .cse3 .cse7))) [2022-11-23 13:44:47,625 INFO L895 garLoopResultBuilder]: At program point L886(lines 839 888) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (not (= ~waterLevel~0 1))) (.cse2 (= 1 ~systemActive~0)) (.cse6 (= ~methaneLevelCritical~0 0)) (.cse7 (= ~pumpRunning~0 0)) (.cse5 (= ~methAndRunningLastTime~0 0)) (.cse3 (= ~methaneLevelCritical~0 1)) (.cse4 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse8 (= 0 ~systemActive~0))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4) (and .cse0 .cse1 .cse5 .cse6 .cse2 .cse4) (and .cse7 .cse5 .cse2 .cse3 .cse4) (and .cse7 .cse5 .cse6 .cse2 .cse4) (and .cse7 .cse5 .cse6 .cse4 .cse8) (and .cse7 .cse5 .cse3 .cse4 .cse8))) [2022-11-23 13:44:47,626 INFO L899 garLoopResultBuilder]: For program point L849(lines 849 855) no Hoare annotation was computed. [2022-11-23 13:44:47,626 INFO L899 garLoopResultBuilder]: For program point L849-1(lines 849 855) no Hoare annotation was computed. [2022-11-23 13:44:47,626 INFO L899 garLoopResultBuilder]: For program point L808(lines 808 814) no Hoare annotation was computed. [2022-11-23 13:44:47,626 INFO L895 garLoopResultBuilder]: At program point L808-1(lines 808 814) the Hoare annotation is: (let ((.cse7 (= 0 ~systemActive~0)) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (= ~methAndRunningLastTime~0 0)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (let ((.cse4 (= 1 ~systemActive~0)) (.cse6 (= ~methaneLevelCritical~0 1)) (.cse2 (= ~methaneLevelCritical~0 0)) (.cse5 (or (and .cse0 .cse3 (not .cse7)) (and .cse0 .cse1 .cse3)))) (or (and (= ~methaneLevelCritical~0 ~systemActive~0) .cse0 .cse1 .cse2 .cse3) (and .cse2 .cse4 .cse5) (and .cse4 .cse6 .cse5) (and .cse6 (or (< 1 ~waterLevel~0) .cse7) .cse5) (and .cse2 (<= 2 ~waterLevel~0) .cse5)))) [2022-11-23 13:44:47,626 INFO L902 garLoopResultBuilder]: At program point ULTIMATE.startENTRY(line -1) the Hoare annotation is: true [2022-11-23 13:44:47,627 INFO L895 garLoopResultBuilder]: At program point L1019(lines 1019 1026) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~methAndRunningLastTime~0 0) (= ~methaneLevelCritical~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-23 13:44:47,627 INFO L902 garLoopResultBuilder]: At program point L1019-2(lines 1019 1026) the Hoare annotation is: true [2022-11-23 13:44:47,627 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-11-23 13:44:47,627 INFO L902 garLoopResultBuilder]: At program point L892(lines 829 896) the Hoare annotation is: true [2022-11-23 13:44:47,627 INFO L899 garLoopResultBuilder]: For program point L859(lines 859 865) no Hoare annotation was computed. [2022-11-23 13:44:47,628 INFO L899 garLoopResultBuilder]: For program point L859-1(lines 859 865) no Hoare annotation was computed. [2022-11-23 13:44:47,628 INFO L895 garLoopResultBuilder]: At program point L851(line 851) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse5 (= ~methaneLevelCritical~0 0)) (.cse6 (= ~pumpRunning~0 0)) (.cse4 (= ~methAndRunningLastTime~0 0)) (.cse2 (= ~methaneLevelCritical~0 1)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse7 (= 0 ~systemActive~0))) (or (and .cse0 .cse1 .cse2 .cse3) (and .cse0 .cse4 .cse5 .cse1 .cse3) (and .cse6 .cse4 .cse1 .cse2 .cse3) (and .cse6 .cse4 .cse5 .cse1 .cse3) (and .cse6 .cse4 .cse5 .cse3 .cse7) (and .cse6 .cse4 .cse2 .cse3 .cse7))) [2022-11-23 13:44:47,628 INFO L895 garLoopResultBuilder]: At program point L810(line 810) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 (= ~methaneLevelCritical~0 1) .cse2) (and .cse0 (= ~methaneLevelCritical~0 0) .cse1 .cse2))) [2022-11-23 13:44:47,628 INFO L895 garLoopResultBuilder]: At program point L889(lines 838 890) the Hoare annotation is: false [2022-11-23 13:44:47,628 INFO L899 garLoopResultBuilder]: For program point L877(lines 877 883) no Hoare annotation was computed. [2022-11-23 13:44:47,629 INFO L895 garLoopResultBuilder]: At program point L877-2(lines 869 884) the Hoare annotation is: (let ((.cse5 (= ~methAndRunningLastTime~0 0)) (.cse0 (<= 1 ~pumpRunning~0)) (.cse6 (= ~methaneLevelCritical~0 0)) (.cse1 (= 1 ~systemActive~0)) (.cse4 (= ~pumpRunning~0 0)) (.cse2 (= ~methaneLevelCritical~0 1)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse7 (= 0 ~systemActive~0))) (or (and .cse0 .cse1 .cse2 .cse3) (and .cse4 .cse5 .cse1 .cse2 .cse3) (and .cse4 .cse5 .cse6 .cse1 .cse3) (and .cse4 .cse6 .cse3 .cse7) (and .cse0 .cse6 .cse1 .cse3) (and .cse4 .cse2 .cse3 .cse7))) [2022-11-23 13:44:47,629 INFO L899 garLoopResultBuilder]: For program point L840(lines 839 888) no Hoare annotation was computed. [2022-11-23 13:44:47,629 INFO L895 garLoopResultBuilder]: At program point L869(lines 869 884) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse6 (= ~methaneLevelCritical~0 0)) (.cse1 (= 1 ~systemActive~0)) (.cse4 (= ~pumpRunning~0 0)) (.cse5 (= ~methAndRunningLastTime~0 0)) (.cse2 (= ~methaneLevelCritical~0 1)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse7 (= 0 ~systemActive~0))) (or (and .cse0 .cse1 .cse2 .cse3) (and .cse4 .cse5 .cse1 .cse2 .cse3) (and .cse4 .cse5 .cse6 .cse1 .cse3) (and .cse4 .cse5 .cse6 .cse3 .cse7) (and .cse0 .cse6 .cse1 .cse3) (and .cse4 .cse5 .cse2 .cse3 .cse7))) [2022-11-23 13:44:47,629 INFO L895 garLoopResultBuilder]: At program point processEnvironment__wrappee__highWaterSensorENTRY(lines 617 641) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse3 (not (= ~methAndRunningLastTime~0 0))) (.cse2 (not (= 1 ~systemActive~0))) (.cse4 (not (= ~methaneLevelCritical~0 0)))) (and (or .cse0 .cse1 .cse2 (not (= ~methaneLevelCritical~0 1)) .cse3) (or .cse0 .cse1 .cse2 .cse4 .cse3) (or (<= 1 ~pumpRunning~0) .cse2 (not (<= 1 |old(~pumpRunning~0)|)) (not (= ~waterLevel~0 0)) .cse4))) [2022-11-23 13:44:47,630 INFO L895 garLoopResultBuilder]: At program point L636(line 636) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (not (= ~methAndRunningLastTime~0 0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse3 (not (= ~methaneLevelCritical~0 0)))) (and (or .cse0 .cse1 (not (= ~methaneLevelCritical~0 1)) .cse2) (or .cse0 .cse1 .cse3 .cse2) (or (<= 1 ~pumpRunning~0) .cse1 (not (<= 1 |old(~pumpRunning~0)|)) (not (= ~waterLevel~0 0)) .cse3))) [2022-11-23 13:44:47,630 INFO L899 garLoopResultBuilder]: For program point L636-1(lines 617 641) no Hoare annotation was computed. [2022-11-23 13:44:47,630 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__highWaterSensorEXIT(lines 617 641) no Hoare annotation was computed. [2022-11-23 13:44:47,630 INFO L895 garLoopResultBuilder]: At program point L631(line 631) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse3 (and (= ~pumpRunning~0 0) (or (not (= ~waterLevel~0 1)) (= |processEnvironment__wrappee__highWaterSensor_~tmp~4#1| 0)))) (.cse4 (not (= ~methAndRunningLastTime~0 0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not (= ~methaneLevelCritical~0 0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse0 .cse1 .cse3 (not (= ~methaneLevelCritical~0 1)) .cse4) (or .cse1 (not (<= 1 |old(~pumpRunning~0)|)) (not (= ~waterLevel~0 0)) .cse2))) [2022-11-23 13:44:47,631 INFO L895 garLoopResultBuilder]: At program point L625(lines 625 633) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse3 (and (= ~pumpRunning~0 0) (or (not (= ~waterLevel~0 1)) (= |processEnvironment__wrappee__highWaterSensor_~tmp~4#1| 0)))) (.cse4 (not (= ~methAndRunningLastTime~0 0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not (= ~methaneLevelCritical~0 0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse0 .cse1 .cse3 (not (= ~methaneLevelCritical~0 1)) .cse4) (or .cse1 (not (<= 1 |old(~pumpRunning~0)|)) (not (= ~waterLevel~0 0)) .cse2))) [2022-11-23 13:44:47,631 INFO L895 garLoopResultBuilder]: At program point L621(lines 621 638) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse3 (not (= ~methAndRunningLastTime~0 0))) (.cse2 (not (= 1 ~systemActive~0))) (.cse4 (not (= ~methaneLevelCritical~0 0)))) (and (or .cse0 .cse1 .cse2 (not (= ~methaneLevelCritical~0 1)) .cse3) (or .cse0 .cse1 .cse2 .cse4 .cse3) (or (<= 1 ~pumpRunning~0) .cse2 (not (<= 1 |old(~pumpRunning~0)|)) (not (= ~waterLevel~0 0)) .cse4))) [2022-11-23 13:44:47,631 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 447 458) no Hoare annotation was computed. [2022-11-23 13:44:47,631 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 447 458) the Hoare annotation is: (let ((.cse3 (not (= 0 ~systemActive~0))) (.cse6 (not (<= 1 ~pumpRunning~0))) (.cse7 (not (= ~methaneLevelCritical~0 0))) (.cse0 (not (= ~pumpRunning~0 0))) (.cse5 (not (= 1 ~systemActive~0))) (.cse4 (not (= ~methaneLevelCritical~0 1))) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse2 (not (= ~methAndRunningLastTime~0 0)))) (and (or .cse0 (not (= ~methaneLevelCritical~0 ~systemActive~0)) .cse1 .cse2 .cse3) (or .cse0 .cse4 .cse1 .cse2 .cse3) (or .cse5 .cse6 .cse4 .cse1) (or .cse5 .cse7 .cse6 .cse1 .cse2) (or .cse0 .cse5 .cse7 .cse1 .cse2) (or .cse0 .cse5 .cse4 .cse1 .cse2))) [2022-11-23 13:44:47,632 INFO L895 garLoopResultBuilder]: At program point processEnvironment__wrappee__lowWaterSensorENTRY(lines 643 667) the Hoare annotation is: (let ((.cse2 (not (= |old(~pumpRunning~0)| 0))) (.cse3 (= ~pumpRunning~0 0)) (.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (= ~methaneLevelCritical~0 0))) (.cse4 (not (= ~methAndRunningLastTime~0 0)))) (and (or (<= 1 ~pumpRunning~0) .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1) (or .cse2 .cse3 .cse0 (not (= ~methaneLevelCritical~0 1)) .cse4) (or .cse2 .cse3 .cse0 .cse1 .cse4))) [2022-11-23 13:44:47,632 INFO L895 garLoopResultBuilder]: At program point L657(line 657) the Hoare annotation is: (let ((.cse2 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (= ~methaneLevelCritical~0 0))) (.cse3 (not (= ~methAndRunningLastTime~0 0)))) (and (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1 (and (<= 1 ~pumpRunning~0) (= ~waterLevel~0 0))) (or .cse2 .cse0 (not (= ~methaneLevelCritical~0 1)) .cse3) (or .cse2 .cse0 .cse1 .cse3))) [2022-11-23 13:44:47,632 INFO L895 garLoopResultBuilder]: At program point L653(line 653) the Hoare annotation is: (let ((.cse3 (not (<= 1 |old(~pumpRunning~0)|))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse4 (not (= ~methaneLevelCritical~0 0))) (.cse2 (not (= ~methAndRunningLastTime~0 0)))) (and (or .cse0 .cse1 (not (= ~methaneLevelCritical~0 1)) .cse2) (or (and (<= 1 ~pumpRunning~0) (or (not (= |processEnvironment__wrappee__lowWaterSensor_~tmp~5#1| 0)) (= ~waterLevel~0 0))) .cse1 .cse3 .cse4) (or .cse1 .cse3 (not (<= 1 ~waterLevel~0)) (= |processEnvironment__wrappee__lowWaterSensor_~tmp~5#1| 1) .cse4) (or .cse0 .cse1 .cse4 .cse2))) [2022-11-23 13:44:47,633 INFO L899 garLoopResultBuilder]: For program point L651(lines 651 659) no Hoare annotation was computed. [2022-11-23 13:44:47,633 INFO L895 garLoopResultBuilder]: At program point L647(lines 647 664) the Hoare annotation is: (let ((.cse2 (not (= |old(~pumpRunning~0)| 0))) (.cse3 (= ~pumpRunning~0 0)) (.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (= ~methaneLevelCritical~0 0))) (.cse4 (not (= ~methAndRunningLastTime~0 0)))) (and (or (<= 1 ~pumpRunning~0) .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1) (or .cse2 .cse3 .cse0 (not (= ~methaneLevelCritical~0 1)) .cse4) (or .cse2 .cse3 .cse0 .cse1 .cse4))) [2022-11-23 13:44:47,633 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__lowWaterSensorEXIT(lines 643 667) no Hoare annotation was computed. [2022-11-23 13:44:47,633 INFO L895 garLoopResultBuilder]: At program point L662(line 662) the Hoare annotation is: (let ((.cse2 (not (= |old(~pumpRunning~0)| 0))) (.cse3 (= ~pumpRunning~0 0)) (.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (= ~methaneLevelCritical~0 0))) (.cse4 (not (= ~methAndRunningLastTime~0 0)))) (and (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1) (or .cse2 .cse3 .cse0 (not (= ~methaneLevelCritical~0 1)) .cse4) (or .cse2 .cse3 .cse0 .cse1 .cse4))) [2022-11-23 13:44:47,633 INFO L899 garLoopResultBuilder]: For program point L662-1(lines 643 667) no Hoare annotation was computed. [2022-11-23 13:44:47,637 INFO L444 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 13:44:47,639 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2022-11-23 13:44:47,682 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 23.11 01:44:47 BoogieIcfgContainer [2022-11-23 13:44:47,682 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-11-23 13:44:47,683 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-11-23 13:44:47,683 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-11-23 13:44:47,683 INFO L275 PluginConnector]: Witness Printer initialized [2022-11-23 13:44:47,684 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 23.11 01:43:40" (3/4) ... [2022-11-23 13:44:47,687 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-11-23 13:44:47,703 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2022-11-23 13:44:47,703 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-11-23 13:44:47,703 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-11-23 13:44:47,704 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-11-23 13:44:47,704 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-11-23 13:44:47,704 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneLevelCritical [2022-11-23 13:44:47,704 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2022-11-23 13:44:47,704 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-11-23 13:44:47,705 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__lowWaterSensor [2022-11-23 13:44:47,711 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 49 nodes and edges [2022-11-23 13:44:47,712 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 11 nodes and edges [2022-11-23 13:44:47,715 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 7 nodes and edges [2022-11-23 13:44:47,715 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-23 13:44:47,716 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-23 13:44:47,744 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(methaneLevelCritical == 0)) || (1 <= pumpRunning && \old(waterLevel) == waterLevel)) && ((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || methAndRunningLastTime == 0) || !(methaneLevelCritical == systemActive)) || !(0 == systemActive))) && (((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == systemActive)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && 0 == systemActive)) || !(0 == systemActive))) && (((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 1)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && 0 == systemActive)) || !(0 == systemActive))) && ((((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(methaneLevelCritical == 0))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(methaneLevelCritical == 1)) || (1 <= pumpRunning && \old(waterLevel) == waterLevel))) && ((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || ((pumpRunning == 0 && methAndRunningLastTime == 0) && \old(waterLevel) == waterLevel)) || !(methaneLevelCritical == 1))) && ((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || ((pumpRunning == 0 && methAndRunningLastTime == 0) && \old(waterLevel) == waterLevel)) || !(methaneLevelCritical == 0))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || methAndRunningLastTime == 0) || !(\old(waterLevel) == 1)) || !(methaneLevelCritical == 1)) || !(0 == systemActive)) [2022-11-23 13:44:47,747 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((((((((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(\old(waterLevel) == 0)) || !(methaneLevelCritical == 1)) || waterLevel == 0) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(methaneLevelCritical == 0)) || (1 <= pumpRunning && waterLevel == 0)) || (pumpRunning == 0 && 1 == systemActive))) && ((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 1)) || !(0 == systemActive))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 0)) || waterLevel == 0)) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || \old(waterLevel) < 2) || 1 <= waterLevel) || !(methaneLevelCritical == 1))) && ((((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(methaneLevelCritical == 0))) && ((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || !(0 == systemActive))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) == 0)) || !(methaneLevelCritical == 1)) || waterLevel == 0)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == 0 && tmp == 1) && 1 == systemActive)) || !(methaneLevelCritical == 1))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || ((pumpRunning == 0 && methAndRunningLastTime == 0) && \old(waterLevel) <= waterLevel)) || (((1 <= pumpRunning && !(waterLevel == 1)) && methAndRunningLastTime == 0) && \old(waterLevel) <= waterLevel))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (methAndRunningLastTime == 0 && waterLevel == 1)) || !(methaneLevelCritical == 1))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 0)) || waterLevel == 0)) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || \old(waterLevel) < 2) || !(methaneLevelCritical == 0)) || 1 <= waterLevel)) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || waterLevel == 1)) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || (((1 <= pumpRunning && !(waterLevel == 1)) && methAndRunningLastTime == 0) && \old(waterLevel) <= waterLevel)) || ((pumpRunning == 0 && 1 == systemActive) && \old(waterLevel) <= waterLevel)) [2022-11-23 13:44:47,747 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((1 <= pumpRunning || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(methaneLevelCritical == 0)) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(methAndRunningLastTime == 0))) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(methAndRunningLastTime == 0)) [2022-11-23 13:44:47,749 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((((((((((((((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || methAndRunningLastTime == 0) || !(methaneLevelCritical == systemActive)) || !(0 == systemActive)) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(\old(waterLevel) == 0)) || !(methaneLevelCritical == 1)) || waterLevel == 0)) && ((((!(\old(pumpRunning) == 0) || 2 <= waterLevel) || !(methaneLevelCritical == 0)) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 0)) || waterLevel == 0)) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || \old(waterLevel) < 2) || 1 <= waterLevel) || !(methaneLevelCritical == 1))) && ((((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(methaneLevelCritical == 0))) && ((((!(\old(pumpRunning) == 0) || 2 <= waterLevel) || !(methaneLevelCritical == 1)) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) && ((((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 0)) || waterLevel == 0) || !(0 == systemActive))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) == 0)) || !(methaneLevelCritical == 1)) || waterLevel == 0)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == 0 && tmp == 1) && 1 == systemActive)) || !(methaneLevelCritical == 1))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (methAndRunningLastTime == 0 && waterLevel == 1)) || !(methaneLevelCritical == 1))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 0)) || waterLevel == 0)) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || \old(waterLevel) < 2) || !(methaneLevelCritical == 0)) || 1 <= waterLevel)) && ((((((((pumpRunning == 0 && tmp == 0) && methAndRunningLastTime == 0) && \old(waterLevel) <= waterLevel) || !(\old(pumpRunning) == 0)) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || ((((1 <= pumpRunning && !(waterLevel == 1)) && tmp == 0) && methAndRunningLastTime == 0) && \old(waterLevel) <= waterLevel))) && ((((((1 <= pumpRunning && tmp == 0) && waterLevel == 0) || !(1 == systemActive)) || ((pumpRunning == 0 && tmp == 0) && 1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(methaneLevelCritical == 0))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || waterLevel == 1)) && (((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(methaneLevelCritical == 1)) || !(0 == systemActive))) && (((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && tmp == 0)) || !(methaneLevelCritical == systemActive)) || !(0 == systemActive))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || (methAndRunningLastTime == 0 && waterLevel == 1)) || !(methaneLevelCritical == 1)) || !(0 == systemActive))) && ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 0)) || !(methaneLevelCritical == 1)) || waterLevel == 0) || !(0 == systemActive))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(methaneLevelCritical == 0)) || waterLevel == 1) || !(0 == systemActive))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || (((1 <= pumpRunning && !(waterLevel == 1)) && methAndRunningLastTime == 0) && \old(waterLevel) <= waterLevel)) || ((pumpRunning == 0 && 1 == systemActive) && \old(waterLevel) <= waterLevel)) [2022-11-23 13:44:47,749 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((!(1 == systemActive) || ((1 <= pumpRunning && aux-isMethaneLevelCritical()-aux == 1) && (((!(pumpRunning == 0) && 0 < waterLevel + 1) && \old(waterLevel) <= waterLevel + 1) || \old(waterLevel) <= waterLevel))) || !(1 <= \old(pumpRunning))) || !(methaneLevelCritical == 1)) && ((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 1)) || !(0 == systemActive))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 0)) || waterLevel == 0)) && ((((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(methaneLevelCritical == 0))) && ((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || !(0 == systemActive))) && (((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0))) && (((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 1))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) == 0)) || !(methaneLevelCritical == 1)) || waterLevel == 0)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || (1 <= pumpRunning && (((!(pumpRunning == 0) && 0 < waterLevel + 1) && \old(waterLevel) <= waterLevel + 1) || \old(waterLevel) <= waterLevel))) || !(methaneLevelCritical == 0)) [2022-11-23 13:44:47,749 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(methAndRunningLastTime == 0)) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(methAndRunningLastTime == 0))) && ((((1 <= pumpRunning || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(waterLevel == 0)) || !(methaneLevelCritical == 0)) [2022-11-23 13:44:47,750 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((((((((((((((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || ((((pumpRunning == 0 && tmp == 0) && methAndRunningLastTime == 0) && 1 == systemActive) && \old(waterLevel) <= waterLevel)) || ((((1 <= pumpRunning && !(waterLevel == 1)) && tmp == 0) && methAndRunningLastTime == 0) && \old(waterLevel) <= waterLevel)) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(methaneLevelCritical == 0)) || (((pumpRunning == 0 && tmp == 0) && methAndRunningLastTime == 0) && 1 == systemActive)) || (((1 <= pumpRunning && tmp == 0) && methAndRunningLastTime == 0) && waterLevel == 0))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(\old(waterLevel) == 0)) || !(methaneLevelCritical == 1)) || waterLevel == 0)) && ((((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || ((((pumpRunning == 0 && tmp == 0) && methAndRunningLastTime == 0) && 1 == systemActive) && waterLevel == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 0)) || ((((((1 <= pumpRunning && tmp == 0) && methAndRunningLastTime == 0) && methaneLevelCritical == 0) && 1 == systemActive) && \old(waterLevel) == waterLevel) && waterLevel == 0))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || (((pumpRunning == 0 && methAndRunningLastTime == 0) && tmp == 1) && 1 == systemActive)) || !(methaneLevelCritical == 1))) && (((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 1)) || !(0 == systemActive)) || (pumpRunning == 0 && methAndRunningLastTime == 0))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || \old(waterLevel) < 2) || 1 <= waterLevel) || !(methaneLevelCritical == 1))) && ((((!(\old(pumpRunning) == 0) || 2 <= waterLevel) || \old(waterLevel) < 2) || !(methaneLevelCritical == systemActive)) || !(0 == systemActive))) && ((((!(\old(pumpRunning) == 0) || 2 <= waterLevel) || !(methaneLevelCritical == 1)) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) && ((((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 0)) || waterLevel == 0) || !(0 == systemActive))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || waterLevel == 1)) && (((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && tmp == 0) && methAndRunningLastTime == 0)) || !(methaneLevelCritical == systemActive)) || !(0 == systemActive))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || ((1 <= pumpRunning && !(waterLevel == 1)) && \old(waterLevel) <= waterLevel)) || !(methaneLevelCritical == 1)) || (((pumpRunning == 0 && methAndRunningLastTime == 0) && 1 == systemActive) && \old(waterLevel) <= waterLevel))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) == 0)) || !(methaneLevelCritical == 1)) || waterLevel == 0)) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || \old(waterLevel) < 2) || !(methaneLevelCritical == 0)) || 1 <= waterLevel)) && (((((((((pumpRunning == 0 && tmp == 0) && methAndRunningLastTime == 0) && 1 == systemActive) && waterLevel == 0) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 0)) || ((((((1 <= pumpRunning && tmp == 0) && methAndRunningLastTime == 0) && methaneLevelCritical == 0) && 1 == systemActive) && \old(waterLevel) == waterLevel) && waterLevel == 0))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || waterLevel == 1)) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(methaneLevelCritical == 1)) || waterLevel == 1) || !(0 == systemActive))) && ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 0)) || !(methaneLevelCritical == 1)) || waterLevel == 0) || !(0 == systemActive))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(methaneLevelCritical == 0)) || waterLevel == 1) || !(0 == systemActive)) [2022-11-23 13:44:47,751 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(methaneLevelCritical == 0)) && ((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 1)) || !(0 == systemActive))) && ((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || !(0 == systemActive))) && (((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0))) && ((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(methaneLevelCritical == 1))) && (((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) [2022-11-23 13:44:47,757 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || (pumpRunning == 0 && (!(waterLevel == 1) || tmp == 0))) || !(methAndRunningLastTime == 0)) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (pumpRunning == 0 && (!(waterLevel == 1) || tmp == 0))) || !(methaneLevelCritical == 1)) || !(methAndRunningLastTime == 0))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel == 0)) || !(methaneLevelCritical == 0)) [2022-11-23 13:44:47,803 INFO L141 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_15d0059e-2216-408e-8851-8983524924d1/bin/utaipan-Q6hlc19bkW/witness.graphml [2022-11-23 13:44:47,803 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-11-23 13:44:47,804 INFO L158 Benchmark]: Toolchain (without parser) took 68343.67ms. Allocated memory was 163.6MB in the beginning and 880.8MB in the end (delta: 717.2MB). Free memory was 116.3MB in the beginning and 751.1MB in the end (delta: -634.8MB). Peak memory consumption was 83.8MB. Max. memory is 16.1GB. [2022-11-23 13:44:47,804 INFO L158 Benchmark]: CDTParser took 0.29ms. Allocated memory is still 123.7MB. Free memory was 65.4MB in the beginning and 89.8MB in the end (delta: -24.4MB). There was no memory consumed. Max. memory is 16.1GB. [2022-11-23 13:44:47,804 INFO L158 Benchmark]: CACSL2BoogieTranslator took 458.23ms. Allocated memory is still 163.6MB. Free memory was 115.8MB in the beginning and 96.8MB in the end (delta: 19.0MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. [2022-11-23 13:44:47,805 INFO L158 Benchmark]: Boogie Procedure Inliner took 70.01ms. Allocated memory is still 163.6MB. Free memory was 96.8MB in the beginning and 94.2MB in the end (delta: 2.7MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2022-11-23 13:44:47,805 INFO L158 Benchmark]: Boogie Preprocessor took 26.15ms. Allocated memory is still 163.6MB. Free memory was 94.2MB in the beginning and 92.7MB in the end (delta: 1.4MB). There was no memory consumed. Max. memory is 16.1GB. [2022-11-23 13:44:47,806 INFO L158 Benchmark]: RCFGBuilder took 744.69ms. Allocated memory is still 163.6MB. Free memory was 92.7MB in the beginning and 112.7MB in the end (delta: -20.0MB). Peak memory consumption was 12.3MB. Max. memory is 16.1GB. [2022-11-23 13:44:47,806 INFO L158 Benchmark]: TraceAbstraction took 66917.92ms. Allocated memory was 163.6MB in the beginning and 880.8MB in the end (delta: 717.2MB). Free memory was 111.7MB in the beginning and 757.4MB in the end (delta: -645.7MB). Peak memory consumption was 428.2MB. Max. memory is 16.1GB. [2022-11-23 13:44:47,806 INFO L158 Benchmark]: Witness Printer took 120.32ms. Allocated memory is still 880.8MB. Free memory was 757.4MB in the beginning and 751.1MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2022-11-23 13:44:47,808 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.29ms. Allocated memory is still 123.7MB. Free memory was 65.4MB in the beginning and 89.8MB in the end (delta: -24.4MB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 458.23ms. Allocated memory is still 163.6MB. Free memory was 115.8MB in the beginning and 96.8MB in the end (delta: 19.0MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 70.01ms. Allocated memory is still 163.6MB. Free memory was 96.8MB in the beginning and 94.2MB in the end (delta: 2.7MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * Boogie Preprocessor took 26.15ms. Allocated memory is still 163.6MB. Free memory was 94.2MB in the beginning and 92.7MB in the end (delta: 1.4MB). There was no memory consumed. Max. memory is 16.1GB. * RCFGBuilder took 744.69ms. Allocated memory is still 163.6MB. Free memory was 92.7MB in the beginning and 112.7MB in the end (delta: -20.0MB). Peak memory consumption was 12.3MB. Max. memory is 16.1GB. * TraceAbstraction took 66917.92ms. Allocated memory was 163.6MB in the beginning and 880.8MB in the end (delta: 717.2MB). Free memory was 111.7MB in the beginning and 757.4MB in the end (delta: -645.7MB). Peak memory consumption was 428.2MB. Max. memory is 16.1GB. * Witness Printer took 120.32ms. Allocated memory is still 880.8MB. Free memory was 757.4MB in the beginning and 751.1MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 420]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 10 procedures, 74 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 66.8s, OverallIterations: 11, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 16.4s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 21.9s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 3989 SdHoareTripleChecker+Valid, 6.6s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 3973 mSDsluCounter, 4852 SdHoareTripleChecker+Invalid, 5.5s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 3850 mSDsCounter, 2809 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 10019 IncrementalHoareTripleChecker+Invalid, 12828 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 2809 mSolverCounterUnsat, 1002 mSDtfsCounter, 10019 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 925 GetRequests, 500 SyntacticMatches, 32 SemanticMatches, 393 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 38546 ImplicationChecksByTransitivity, 22.7s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=841occurred in iteration=10, InterpolantAutomatonStates: 289, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.6s AutomataMinimizationTime, 11 MinimizatonAttempts, 267 StatesRemovedByMinimization, 7 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 43 LocationsWithAnnotation, 3450 PreInvPairs, 4561 NumberOfFragments, 4744 HoareAnnotationTreeSize, 3450 FomulaSimplifications, 20502 FormulaSimplificationTreeSizeReduction, 2.9s HoareSimplificationTime, 43 FomulaSimplificationsInter, 115587 FormulaSimplificationTreeSizeReductionInter, 18.8s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.4s SatisfiabilityAnalysisTime, 3.6s InterpolantComputationTime, 724 NumberOfCodeBlocks, 724 NumberOfCodeBlocksAsserted, 14 NumberOfCheckSat, 873 ConstructedInterpolants, 0 QuantifiedInterpolants, 2393 SizeOfPredicates, 20 NumberOfNonLiveVariables, 1022 ConjunctsInSsa, 66 ConjunctsInUnsatCore, 16 InterpolantComputations, 9 PerfectInterpolantSequences, 216/282 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 869]: Loop Invariant Derived loop invariant: (((((((1 <= pumpRunning && 1 == systemActive) && methaneLevelCritical == 1) && splverifierCounter == 0) || ((((pumpRunning == 0 && methAndRunningLastTime == 0) && 1 == systemActive) && methaneLevelCritical == 1) && splverifierCounter == 0)) || ((((pumpRunning == 0 && methAndRunningLastTime == 0) && methaneLevelCritical == 0) && 1 == systemActive) && splverifierCounter == 0)) || ((((pumpRunning == 0 && methAndRunningLastTime == 0) && methaneLevelCritical == 0) && splverifierCounter == 0) && 0 == systemActive)) || (((1 <= pumpRunning && methaneLevelCritical == 0) && 1 == systemActive) && splverifierCounter == 0)) || ((((pumpRunning == 0 && methAndRunningLastTime == 0) && methaneLevelCritical == 1) && splverifierCounter == 0) && 0 == systemActive) - InvariantResult [Line: -1]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 625]: Loop Invariant Derived loop invariant: (((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || (pumpRunning == 0 && (!(waterLevel == 1) || tmp == 0))) || !(methAndRunningLastTime == 0)) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (pumpRunning == 0 && (!(waterLevel == 1) || tmp == 0))) || !(methaneLevelCritical == 1)) || !(methAndRunningLastTime == 0))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel == 0)) || !(methaneLevelCritical == 0)) - InvariantResult [Line: 546]: Loop Invariant Derived loop invariant: (((((((((((((((((((((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || ((((pumpRunning == 0 && tmp == 0) && methAndRunningLastTime == 0) && 1 == systemActive) && \old(waterLevel) <= waterLevel)) || ((((1 <= pumpRunning && !(waterLevel == 1)) && tmp == 0) && methAndRunningLastTime == 0) && \old(waterLevel) <= waterLevel)) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(methaneLevelCritical == 0)) || (((pumpRunning == 0 && tmp == 0) && methAndRunningLastTime == 0) && 1 == systemActive)) || (((1 <= pumpRunning && tmp == 0) && methAndRunningLastTime == 0) && waterLevel == 0))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(\old(waterLevel) == 0)) || !(methaneLevelCritical == 1)) || waterLevel == 0)) && ((((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || ((((pumpRunning == 0 && tmp == 0) && methAndRunningLastTime == 0) && 1 == systemActive) && waterLevel == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 0)) || ((((((1 <= pumpRunning && tmp == 0) && methAndRunningLastTime == 0) && methaneLevelCritical == 0) && 1 == systemActive) && \old(waterLevel) == waterLevel) && waterLevel == 0))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || (((pumpRunning == 0 && methAndRunningLastTime == 0) && tmp == 1) && 1 == systemActive)) || !(methaneLevelCritical == 1))) && (((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 1)) || !(0 == systemActive)) || (pumpRunning == 0 && methAndRunningLastTime == 0))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || \old(waterLevel) < 2) || 1 <= waterLevel) || !(methaneLevelCritical == 1))) && ((((!(\old(pumpRunning) == 0) || 2 <= waterLevel) || \old(waterLevel) < 2) || !(methaneLevelCritical == systemActive)) || !(0 == systemActive))) && ((((!(\old(pumpRunning) == 0) || 2 <= waterLevel) || !(methaneLevelCritical == 1)) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) && ((((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 0)) || waterLevel == 0) || !(0 == systemActive))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || waterLevel == 1)) && (((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && tmp == 0) && methAndRunningLastTime == 0)) || !(methaneLevelCritical == systemActive)) || !(0 == systemActive))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || ((1 <= pumpRunning && !(waterLevel == 1)) && \old(waterLevel) <= waterLevel)) || !(methaneLevelCritical == 1)) || (((pumpRunning == 0 && methAndRunningLastTime == 0) && 1 == systemActive) && \old(waterLevel) <= waterLevel))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) == 0)) || !(methaneLevelCritical == 1)) || waterLevel == 0)) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || \old(waterLevel) < 2) || !(methaneLevelCritical == 0)) || 1 <= waterLevel)) && (((((((((pumpRunning == 0 && tmp == 0) && methAndRunningLastTime == 0) && 1 == systemActive) && waterLevel == 0) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 0)) || ((((((1 <= pumpRunning && tmp == 0) && methAndRunningLastTime == 0) && methaneLevelCritical == 0) && 1 == systemActive) && \old(waterLevel) == waterLevel) && waterLevel == 0))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || waterLevel == 1)) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(methaneLevelCritical == 1)) || waterLevel == 1) || !(0 == systemActive))) && ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 0)) || !(methaneLevelCritical == 1)) || waterLevel == 0) || !(0 == systemActive))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(methaneLevelCritical == 0)) || waterLevel == 1) || !(0 == systemActive)) - InvariantResult [Line: 947]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 585]: Loop Invariant Derived loop invariant: ((((((((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(methaneLevelCritical == 0)) || (1 <= pumpRunning && \old(waterLevel) == waterLevel)) && ((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || methAndRunningLastTime == 0) || !(methaneLevelCritical == systemActive)) || !(0 == systemActive))) && (((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == systemActive)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && 0 == systemActive)) || !(0 == systemActive))) && (((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 1)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && 0 == systemActive)) || !(0 == systemActive))) && ((((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(methaneLevelCritical == 0))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(methaneLevelCritical == 1)) || (1 <= pumpRunning && \old(waterLevel) == waterLevel))) && ((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || ((pumpRunning == 0 && methAndRunningLastTime == 0) && \old(waterLevel) == waterLevel)) || !(methaneLevelCritical == 1))) && ((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || ((pumpRunning == 0 && methAndRunningLastTime == 0) && \old(waterLevel) == waterLevel)) || !(methaneLevelCritical == 0))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || methAndRunningLastTime == 0) || !(\old(waterLevel) == 1)) || !(methaneLevelCritical == 1)) || !(0 == systemActive)) - InvariantResult [Line: 420]: Loop Invariant Derived loop invariant: ((((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(methaneLevelCritical == 0)) && ((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 1)) || !(0 == systemActive))) && ((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || !(0 == systemActive))) && (((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0))) && ((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(methaneLevelCritical == 1))) && (((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) - InvariantResult [Line: 1019]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 838]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 669]: Loop Invariant Derived loop invariant: ((((((((((((((((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(\old(waterLevel) == 0)) || !(methaneLevelCritical == 1)) || waterLevel == 0) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(methaneLevelCritical == 0)) || (1 <= pumpRunning && waterLevel == 0)) || (pumpRunning == 0 && 1 == systemActive))) && ((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 1)) || !(0 == systemActive))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 0)) || waterLevel == 0)) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || \old(waterLevel) < 2) || 1 <= waterLevel) || !(methaneLevelCritical == 1))) && ((((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(methaneLevelCritical == 0))) && ((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || !(0 == systemActive))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) == 0)) || !(methaneLevelCritical == 1)) || waterLevel == 0)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == 0 && tmp == 1) && 1 == systemActive)) || !(methaneLevelCritical == 1))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || ((pumpRunning == 0 && methAndRunningLastTime == 0) && \old(waterLevel) <= waterLevel)) || (((1 <= pumpRunning && !(waterLevel == 1)) && methAndRunningLastTime == 0) && \old(waterLevel) <= waterLevel))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (methAndRunningLastTime == 0 && waterLevel == 1)) || !(methaneLevelCritical == 1))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 0)) || waterLevel == 0)) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || \old(waterLevel) < 2) || !(methaneLevelCritical == 0)) || 1 <= waterLevel)) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || waterLevel == 1)) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || (((1 <= pumpRunning && !(waterLevel == 1)) && methAndRunningLastTime == 0) && \old(waterLevel) <= waterLevel)) || ((pumpRunning == 0 && 1 == systemActive) && \old(waterLevel) <= waterLevel)) - InvariantResult [Line: 554]: Loop Invariant Derived loop invariant: ((((((((((((((((((((((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || methAndRunningLastTime == 0) || !(methaneLevelCritical == systemActive)) || !(0 == systemActive)) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(\old(waterLevel) == 0)) || !(methaneLevelCritical == 1)) || waterLevel == 0)) && ((((!(\old(pumpRunning) == 0) || 2 <= waterLevel) || !(methaneLevelCritical == 0)) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 0)) || waterLevel == 0)) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || \old(waterLevel) < 2) || 1 <= waterLevel) || !(methaneLevelCritical == 1))) && ((((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(methaneLevelCritical == 0))) && ((((!(\old(pumpRunning) == 0) || 2 <= waterLevel) || !(methaneLevelCritical == 1)) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) && ((((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 0)) || waterLevel == 0) || !(0 == systemActive))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) == 0)) || !(methaneLevelCritical == 1)) || waterLevel == 0)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == 0 && tmp == 1) && 1 == systemActive)) || !(methaneLevelCritical == 1))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (methAndRunningLastTime == 0 && waterLevel == 1)) || !(methaneLevelCritical == 1))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 0)) || waterLevel == 0)) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || \old(waterLevel) < 2) || !(methaneLevelCritical == 0)) || 1 <= waterLevel)) && ((((((((pumpRunning == 0 && tmp == 0) && methAndRunningLastTime == 0) && \old(waterLevel) <= waterLevel) || !(\old(pumpRunning) == 0)) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || ((((1 <= pumpRunning && !(waterLevel == 1)) && tmp == 0) && methAndRunningLastTime == 0) && \old(waterLevel) <= waterLevel))) && ((((((1 <= pumpRunning && tmp == 0) && waterLevel == 0) || !(1 == systemActive)) || ((pumpRunning == 0 && tmp == 0) && 1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(methaneLevelCritical == 0))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || waterLevel == 1)) && (((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(methaneLevelCritical == 1)) || !(0 == systemActive))) && (((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && tmp == 0)) || !(methaneLevelCritical == systemActive)) || !(0 == systemActive))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || (methAndRunningLastTime == 0 && waterLevel == 1)) || !(methaneLevelCritical == 1)) || !(0 == systemActive))) && ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 0)) || !(methaneLevelCritical == 1)) || waterLevel == 0) || !(0 == systemActive))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(methaneLevelCritical == 0)) || waterLevel == 1) || !(0 == systemActive))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || (((1 <= pumpRunning && !(waterLevel == 1)) && methAndRunningLastTime == 0) && \old(waterLevel) <= waterLevel)) || ((pumpRunning == 0 && 1 == systemActive) && \old(waterLevel) <= waterLevel)) - InvariantResult [Line: 621]: Loop Invariant Derived loop invariant: (((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(methAndRunningLastTime == 0)) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(methAndRunningLastTime == 0))) && ((((1 <= pumpRunning || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(waterLevel == 0)) || !(methaneLevelCritical == 0)) - InvariantResult [Line: 715]: Loop Invariant Derived loop invariant: ((((((((((!(1 == systemActive) || ((1 <= pumpRunning && aux-isMethaneLevelCritical()-aux == 1) && (((!(pumpRunning == 0) && 0 < waterLevel + 1) && \old(waterLevel) <= waterLevel + 1) || \old(waterLevel) <= waterLevel))) || !(1 <= \old(pumpRunning))) || !(methaneLevelCritical == 1)) && ((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 1)) || !(0 == systemActive))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 0)) || waterLevel == 0)) && ((((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(methaneLevelCritical == 0))) && ((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || !(0 == systemActive))) && (((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0))) && (((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 1))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) == 0)) || !(methaneLevelCritical == 1)) || waterLevel == 0)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || (1 <= pumpRunning && (((!(pumpRunning == 0) && 0 < waterLevel + 1) && \old(waterLevel) <= waterLevel + 1) || \old(waterLevel) <= waterLevel))) || !(methaneLevelCritical == 0)) - InvariantResult [Line: 839]: Loop Invariant Derived loop invariant: ((((((((1 <= pumpRunning && !(waterLevel == 1)) && 1 == systemActive) && methaneLevelCritical == 1) && splverifierCounter == 0) || (((((1 <= pumpRunning && !(waterLevel == 1)) && methAndRunningLastTime == 0) && methaneLevelCritical == 0) && 1 == systemActive) && splverifierCounter == 0)) || ((((pumpRunning == 0 && methAndRunningLastTime == 0) && 1 == systemActive) && methaneLevelCritical == 1) && splverifierCounter == 0)) || ((((pumpRunning == 0 && methAndRunningLastTime == 0) && methaneLevelCritical == 0) && 1 == systemActive) && splverifierCounter == 0)) || ((((pumpRunning == 0 && methAndRunningLastTime == 0) && methaneLevelCritical == 0) && splverifierCounter == 0) && 0 == systemActive)) || ((((pumpRunning == 0 && methAndRunningLastTime == 0) && methaneLevelCritical == 1) && splverifierCounter == 0) && 0 == systemActive) - InvariantResult [Line: 1019]: Loop Invariant Derived loop invariant: (((pumpRunning == 0 && methAndRunningLastTime == 0) && methaneLevelCritical == 0) && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 937]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 647]: Loop Invariant Derived loop invariant: ((((1 <= pumpRunning || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(methaneLevelCritical == 0)) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(methAndRunningLastTime == 0))) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(methAndRunningLastTime == 0)) - InvariantResult [Line: 829]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 808]: Loop Invariant Derived loop invariant: (((((((methaneLevelCritical == systemActive && pumpRunning == 0) && methAndRunningLastTime == 0) && methaneLevelCritical == 0) && splverifierCounter == 0) || ((methaneLevelCritical == 0 && 1 == systemActive) && (((pumpRunning == 0 && splverifierCounter == 0) && !(0 == systemActive)) || ((pumpRunning == 0 && methAndRunningLastTime == 0) && splverifierCounter == 0)))) || ((1 == systemActive && methaneLevelCritical == 1) && (((pumpRunning == 0 && splverifierCounter == 0) && !(0 == systemActive)) || ((pumpRunning == 0 && methAndRunningLastTime == 0) && splverifierCounter == 0)))) || ((methaneLevelCritical == 1 && (1 < waterLevel || 0 == systemActive)) && (((pumpRunning == 0 && splverifierCounter == 0) && !(0 == systemActive)) || ((pumpRunning == 0 && methAndRunningLastTime == 0) && splverifierCounter == 0)))) || ((methaneLevelCritical == 0 && 2 <= waterLevel) && (((pumpRunning == 0 && splverifierCounter == 0) && !(0 == systemActive)) || ((pumpRunning == 0 && methAndRunningLastTime == 0) && splverifierCounter == 0))) RESULT: Ultimate proved your program to be correct! [2022-11-23 13:44:47,844 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_15d0059e-2216-408e-8851-8983524924d1/bin/utaipan-Q6hlc19bkW/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE