./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec5_product64.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 4e7fbc69 Calling Ultimate with: /usr/lib/jvm/java-11-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_50916348-08bc-40ee-b755-fcffd5ec5f47/bin/utaipan-Q6hlc19bkW/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_50916348-08bc-40ee-b755-fcffd5ec5f47/bin/utaipan-Q6hlc19bkW/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_50916348-08bc-40ee-b755-fcffd5ec5f47/bin/utaipan-Q6hlc19bkW/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_50916348-08bc-40ee-b755-fcffd5ec5f47/bin/utaipan-Q6hlc19bkW/config/TaipanReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec5_product64.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_50916348-08bc-40ee-b755-fcffd5ec5f47/bin/utaipan-Q6hlc19bkW/config/svcomp-Reach-32bit-Taipan_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_50916348-08bc-40ee-b755-fcffd5ec5f47/bin/utaipan-Q6hlc19bkW --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Taipan --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 323b2112d56f35ec9fc5a7837411d8e54d2d46e3d8981d77e080eaf0dd99497b --- Real Ultimate output --- [0.001s][warning][os,container] Duplicate cpuset controllers detected. Picking /sys/fs/cgroup/cpuset, skipping /sys/fs/cgroup/cpuset. This is Ultimate 0.2.2-dev-4e7fbc6 [2022-11-23 15:32:24,404 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-11-23 15:32:24,408 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-11-23 15:32:24,460 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-11-23 15:32:24,464 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-11-23 15:32:24,470 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-11-23 15:32:24,472 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-11-23 15:32:24,477 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-11-23 15:32:24,480 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-11-23 15:32:24,488 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-11-23 15:32:24,490 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-11-23 15:32:24,492 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-11-23 15:32:24,494 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-11-23 15:32:24,497 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-11-23 15:32:24,499 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-11-23 15:32:24,501 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-11-23 15:32:24,505 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-11-23 15:32:24,506 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-11-23 15:32:24,508 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-11-23 15:32:24,517 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-11-23 15:32:24,520 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-11-23 15:32:24,523 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-11-23 15:32:24,525 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-11-23 15:32:24,527 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-11-23 15:32:24,538 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-11-23 15:32:24,540 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-11-23 15:32:24,540 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-11-23 15:32:24,543 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-11-23 15:32:24,544 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-11-23 15:32:24,547 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-11-23 15:32:24,548 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-11-23 15:32:24,549 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-11-23 15:32:24,551 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-11-23 15:32:24,555 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-11-23 15:32:24,556 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-11-23 15:32:24,557 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-11-23 15:32:24,558 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-11-23 15:32:24,558 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-11-23 15:32:24,559 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-11-23 15:32:24,562 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-11-23 15:32:24,563 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-11-23 15:32:24,564 INFO L101 SettingsManager]: Beginning loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_50916348-08bc-40ee-b755-fcffd5ec5f47/bin/utaipan-Q6hlc19bkW/config/svcomp-Reach-32bit-Taipan_Default.epf [2022-11-23 15:32:24,619 INFO L113 SettingsManager]: Loading preferences was successful [2022-11-23 15:32:24,620 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-11-23 15:32:24,621 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-11-23 15:32:24,621 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-11-23 15:32:24,622 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-11-23 15:32:24,623 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-11-23 15:32:24,623 INFO L138 SettingsManager]: * User list type=DISABLED [2022-11-23 15:32:24,623 INFO L136 SettingsManager]: Preferences of Abstract Interpretation differ from their defaults: [2022-11-23 15:32:24,624 INFO L138 SettingsManager]: * Explicit value domain=true [2022-11-23 15:32:24,624 INFO L138 SettingsManager]: * Abstract domain for RCFG-of-the-future=PoormanAbstractDomain [2022-11-23 15:32:24,625 INFO L138 SettingsManager]: * Octagon Domain=false [2022-11-23 15:32:24,626 INFO L138 SettingsManager]: * Abstract domain=CompoundDomain [2022-11-23 15:32:24,626 INFO L138 SettingsManager]: * Check feasibility of abstract posts with an SMT solver=true [2022-11-23 15:32:24,627 INFO L138 SettingsManager]: * Use the RCFG-of-the-future interface=true [2022-11-23 15:32:24,627 INFO L138 SettingsManager]: * Interval Domain=false [2022-11-23 15:32:24,627 INFO L136 SettingsManager]: Preferences of Sifa differ from their defaults: [2022-11-23 15:32:24,628 INFO L138 SettingsManager]: * Call Summarizer=TopInputCallSummarizer [2022-11-23 15:32:24,628 INFO L138 SettingsManager]: * Simplification Technique=POLY_PAC [2022-11-23 15:32:24,629 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-11-23 15:32:24,629 INFO L138 SettingsManager]: * sizeof long=4 [2022-11-23 15:32:24,629 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-11-23 15:32:24,630 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-11-23 15:32:24,630 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-11-23 15:32:24,630 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-11-23 15:32:24,631 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-11-23 15:32:24,631 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-11-23 15:32:24,631 INFO L138 SettingsManager]: * sizeof long double=12 [2022-11-23 15:32:24,631 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-11-23 15:32:24,632 INFO L138 SettingsManager]: * Use constant arrays=true [2022-11-23 15:32:24,632 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-11-23 15:32:24,633 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-11-23 15:32:24,633 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-11-23 15:32:24,634 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-23 15:32:24,634 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-11-23 15:32:24,634 INFO L138 SettingsManager]: * Abstract interpretation Mode=USE_PREDICATES [2022-11-23 15:32:24,635 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-11-23 15:32:24,635 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-11-23 15:32:24,635 INFO L138 SettingsManager]: * Trace refinement strategy=SIFA_TAIPAN [2022-11-23 15:32:24,636 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-11-23 15:32:24,636 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-11-23 15:32:24,636 INFO L138 SettingsManager]: * Trace refinement exception blacklist=NONE [2022-11-23 15:32:24,636 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_50916348-08bc-40ee-b755-fcffd5ec5f47/bin/utaipan-Q6hlc19bkW/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_50916348-08bc-40ee-b755-fcffd5ec5f47/bin/utaipan-Q6hlc19bkW Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Taipan Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 323b2112d56f35ec9fc5a7837411d8e54d2d46e3d8981d77e080eaf0dd99497b [2022-11-23 15:32:25,003 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-11-23 15:32:25,037 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-11-23 15:32:25,041 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-11-23 15:32:25,043 INFO L271 PluginConnector]: Initializing CDTParser... [2022-11-23 15:32:25,043 INFO L275 PluginConnector]: CDTParser initialized [2022-11-23 15:32:25,045 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_50916348-08bc-40ee-b755-fcffd5ec5f47/bin/utaipan-Q6hlc19bkW/../../sv-benchmarks/c/product-lines/minepump_spec5_product64.cil.c [2022-11-23 15:32:28,400 INFO L500 CDTParser]: Created temporary CDT project at NULL [2022-11-23 15:32:28,765 INFO L351 CDTParser]: Found 1 translation units. [2022-11-23 15:32:28,779 INFO L172 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_50916348-08bc-40ee-b755-fcffd5ec5f47/sv-benchmarks/c/product-lines/minepump_spec5_product64.cil.c [2022-11-23 15:32:28,800 INFO L394 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_50916348-08bc-40ee-b755-fcffd5ec5f47/bin/utaipan-Q6hlc19bkW/data/ee7bb081b/98586d97a1534d4faaa0adbf14cf3bc4/FLAG07262e2cd [2022-11-23 15:32:28,823 INFO L402 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_50916348-08bc-40ee-b755-fcffd5ec5f47/bin/utaipan-Q6hlc19bkW/data/ee7bb081b/98586d97a1534d4faaa0adbf14cf3bc4 [2022-11-23 15:32:28,827 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-11-23 15:32:28,829 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-11-23 15:32:28,833 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-11-23 15:32:28,833 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-11-23 15:32:28,837 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-11-23 15:32:28,839 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 23.11 03:32:28" (1/1) ... [2022-11-23 15:32:28,840 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@60c2aac3 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 03:32:28, skipping insertion in model container [2022-11-23 15:32:28,841 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 23.11 03:32:28" (1/1) ... [2022-11-23 15:32:28,849 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-11-23 15:32:28,929 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-11-23 15:32:29,200 WARN L237 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_50916348-08bc-40ee-b755-fcffd5ec5f47/sv-benchmarks/c/product-lines/minepump_spec5_product64.cil.c[9626,9639] [2022-11-23 15:32:29,282 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-23 15:32:29,298 INFO L203 MainTranslator]: Completed pre-run [2022-11-23 15:32:29,353 WARN L237 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_50916348-08bc-40ee-b755-fcffd5ec5f47/sv-benchmarks/c/product-lines/minepump_spec5_product64.cil.c[9626,9639] [2022-11-23 15:32:29,390 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-23 15:32:29,410 INFO L208 MainTranslator]: Completed translation [2022-11-23 15:32:29,411 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 03:32:29 WrapperNode [2022-11-23 15:32:29,411 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-11-23 15:32:29,413 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-11-23 15:32:29,413 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-11-23 15:32:29,413 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-11-23 15:32:29,422 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 03:32:29" (1/1) ... [2022-11-23 15:32:29,439 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 03:32:29" (1/1) ... [2022-11-23 15:32:29,480 INFO L138 Inliner]: procedures = 61, calls = 110, calls flagged for inlining = 27, calls inlined = 24, statements flattened = 246 [2022-11-23 15:32:29,481 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-11-23 15:32:29,482 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-11-23 15:32:29,482 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-11-23 15:32:29,482 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-11-23 15:32:29,494 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 03:32:29" (1/1) ... [2022-11-23 15:32:29,495 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 03:32:29" (1/1) ... [2022-11-23 15:32:29,498 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 03:32:29" (1/1) ... [2022-11-23 15:32:29,498 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 03:32:29" (1/1) ... [2022-11-23 15:32:29,504 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 03:32:29" (1/1) ... [2022-11-23 15:32:29,510 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 03:32:29" (1/1) ... [2022-11-23 15:32:29,512 INFO L185 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 03:32:29" (1/1) ... [2022-11-23 15:32:29,514 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 03:32:29" (1/1) ... [2022-11-23 15:32:29,517 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-11-23 15:32:29,518 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-11-23 15:32:29,518 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-11-23 15:32:29,518 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-11-23 15:32:29,519 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 03:32:29" (1/1) ... [2022-11-23 15:32:29,543 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-23 15:32:29,567 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_50916348-08bc-40ee-b755-fcffd5ec5f47/bin/utaipan-Q6hlc19bkW/z3 [2022-11-23 15:32:29,589 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_50916348-08bc-40ee-b755-fcffd5ec5f47/bin/utaipan-Q6hlc19bkW/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-11-23 15:32:29,597 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_50916348-08bc-40ee-b755-fcffd5ec5f47/bin/utaipan-Q6hlc19bkW/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-11-23 15:32:29,638 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-11-23 15:32:29,638 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-11-23 15:32:29,638 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-11-23 15:32:29,638 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-11-23 15:32:29,639 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-11-23 15:32:29,639 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-11-23 15:32:29,639 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-11-23 15:32:29,639 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2022-11-23 15:32:29,639 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2022-11-23 15:32:29,640 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-11-23 15:32:29,640 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-11-23 15:32:29,640 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__methaneQuery [2022-11-23 15:32:29,640 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__methaneQuery [2022-11-23 15:32:29,640 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2022-11-23 15:32:29,641 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2022-11-23 15:32:29,641 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2022-11-23 15:32:29,641 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2022-11-23 15:32:29,641 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2022-11-23 15:32:29,641 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2022-11-23 15:32:29,641 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-11-23 15:32:29,642 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-11-23 15:32:29,642 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-11-23 15:32:29,642 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-11-23 15:32:29,642 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-11-23 15:32:29,729 INFO L235 CfgBuilder]: Building ICFG [2022-11-23 15:32:29,732 INFO L261 CfgBuilder]: Building CFG for each procedure with an implementation [2022-11-23 15:32:30,125 INFO L276 CfgBuilder]: Performing block encoding [2022-11-23 15:32:30,309 INFO L295 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-11-23 15:32:30,310 INFO L300 CfgBuilder]: Removed 2 assume(true) statements. [2022-11-23 15:32:30,313 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 23.11 03:32:30 BoogieIcfgContainer [2022-11-23 15:32:30,313 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-11-23 15:32:30,317 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-11-23 15:32:30,317 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-11-23 15:32:30,321 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-11-23 15:32:30,327 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 23.11 03:32:28" (1/3) ... [2022-11-23 15:32:30,328 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@60a127e1 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 23.11 03:32:30, skipping insertion in model container [2022-11-23 15:32:30,328 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 03:32:29" (2/3) ... [2022-11-23 15:32:30,329 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@60a127e1 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 23.11 03:32:30, skipping insertion in model container [2022-11-23 15:32:30,329 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 23.11 03:32:30" (3/3) ... [2022-11-23 15:32:30,331 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product64.cil.c [2022-11-23 15:32:30,351 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-11-23 15:32:30,351 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-11-23 15:32:30,419 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-11-23 15:32:30,428 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@2d27ccea, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2022-11-23 15:32:30,429 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-11-23 15:32:30,434 INFO L276 IsEmpty]: Start isEmpty. Operand has 80 states, 49 states have (on average 1.4285714285714286) internal successors, (70), 60 states have internal predecessors, (70), 19 states have call successors, (19), 10 states have call predecessors, (19), 10 states have return successors, (19), 14 states have call predecessors, (19), 19 states have call successors, (19) [2022-11-23 15:32:30,449 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 22 [2022-11-23 15:32:30,450 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 15:32:30,453 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 15:32:30,455 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 15:32:30,471 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 15:32:30,472 INFO L85 PathProgramCache]: Analyzing trace with hash 997885803, now seen corresponding path program 1 times [2022-11-23 15:32:30,486 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 15:32:30,488 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1803391722] [2022-11-23 15:32:30,488 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 15:32:30,489 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 15:32:30,693 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 15:32:30,828 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-23 15:32:30,829 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 15:32:30,829 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1803391722] [2022-11-23 15:32:30,831 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1803391722] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-23 15:32:30,831 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-23 15:32:30,837 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-11-23 15:32:30,839 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1798328709] [2022-11-23 15:32:30,841 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-23 15:32:30,849 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-11-23 15:32:30,851 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 15:32:30,905 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-11-23 15:32:30,906 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-23 15:32:30,909 INFO L87 Difference]: Start difference. First operand has 80 states, 49 states have (on average 1.4285714285714286) internal successors, (70), 60 states have internal predecessors, (70), 19 states have call successors, (19), 10 states have call predecessors, (19), 10 states have return successors, (19), 14 states have call predecessors, (19), 19 states have call successors, (19) Second operand has 2 states, 2 states have (on average 7.0) internal successors, (14), 2 states have internal predecessors, (14), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-23 15:32:31,026 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 15:32:31,026 INFO L93 Difference]: Finished difference Result 158 states and 217 transitions. [2022-11-23 15:32:31,028 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-11-23 15:32:31,030 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 7.0) internal successors, (14), 2 states have internal predecessors, (14), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 21 [2022-11-23 15:32:31,034 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 15:32:31,045 INFO L225 Difference]: With dead ends: 158 [2022-11-23 15:32:31,047 INFO L226 Difference]: Without dead ends: 75 [2022-11-23 15:32:31,053 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-23 15:32:31,061 INFO L413 NwaCegarLoop]: 86 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 19 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 86 SdHoareTripleChecker+Invalid, 20 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 19 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-23 15:32:31,064 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 86 Invalid, 20 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 19 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-23 15:32:31,084 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 75 states. [2022-11-23 15:32:31,114 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 75 to 75. [2022-11-23 15:32:31,116 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 75 states, 46 states have (on average 1.3478260869565217) internal successors, (62), 56 states have internal predecessors, (62), 19 states have call successors, (19), 10 states have call predecessors, (19), 9 states have return successors, (18), 13 states have call predecessors, (18), 18 states have call successors, (18) [2022-11-23 15:32:31,119 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 75 states to 75 states and 99 transitions. [2022-11-23 15:32:31,121 INFO L78 Accepts]: Start accepts. Automaton has 75 states and 99 transitions. Word has length 21 [2022-11-23 15:32:31,122 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 15:32:31,122 INFO L495 AbstractCegarLoop]: Abstraction has 75 states and 99 transitions. [2022-11-23 15:32:31,122 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 7.0) internal successors, (14), 2 states have internal predecessors, (14), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-23 15:32:31,123 INFO L276 IsEmpty]: Start isEmpty. Operand 75 states and 99 transitions. [2022-11-23 15:32:31,126 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 23 [2022-11-23 15:32:31,126 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 15:32:31,126 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 15:32:31,127 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-11-23 15:32:31,127 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 15:32:31,128 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 15:32:31,128 INFO L85 PathProgramCache]: Analyzing trace with hash -20530876, now seen corresponding path program 1 times [2022-11-23 15:32:31,129 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 15:32:31,129 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1733385692] [2022-11-23 15:32:31,129 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 15:32:31,130 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 15:32:31,152 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 15:32:31,245 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-23 15:32:31,245 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 15:32:31,246 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1733385692] [2022-11-23 15:32:31,246 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1733385692] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-23 15:32:31,246 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-23 15:32:31,247 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-23 15:32:31,247 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1464500353] [2022-11-23 15:32:31,247 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-23 15:32:31,249 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-23 15:32:31,249 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 15:32:31,250 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-23 15:32:31,250 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-23 15:32:31,251 INFO L87 Difference]: Start difference. First operand 75 states and 99 transitions. Second operand has 3 states, 3 states have (on average 5.0) internal successors, (15), 3 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-23 15:32:31,319 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 15:32:31,319 INFO L93 Difference]: Finished difference Result 122 states and 160 transitions. [2022-11-23 15:32:31,320 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-23 15:32:31,321 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 5.0) internal successors, (15), 3 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 22 [2022-11-23 15:32:31,321 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 15:32:31,322 INFO L225 Difference]: With dead ends: 122 [2022-11-23 15:32:31,323 INFO L226 Difference]: Without dead ends: 67 [2022-11-23 15:32:31,324 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-23 15:32:31,325 INFO L413 NwaCegarLoop]: 72 mSDtfsCounter, 14 mSDsluCounter, 56 mSDsCounter, 0 mSdLazyCounter, 28 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 18 SdHoareTripleChecker+Valid, 128 SdHoareTripleChecker+Invalid, 28 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 28 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-23 15:32:31,326 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [18 Valid, 128 Invalid, 28 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 28 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-23 15:32:31,328 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 67 states. [2022-11-23 15:32:31,338 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 67 to 67. [2022-11-23 15:32:31,339 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 67 states, 41 states have (on average 1.3658536585365855) internal successors, (56), 51 states have internal predecessors, (56), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) [2022-11-23 15:32:31,341 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 67 states to 67 states and 88 transitions. [2022-11-23 15:32:31,342 INFO L78 Accepts]: Start accepts. Automaton has 67 states and 88 transitions. Word has length 22 [2022-11-23 15:32:31,342 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 15:32:31,342 INFO L495 AbstractCegarLoop]: Abstraction has 67 states and 88 transitions. [2022-11-23 15:32:31,343 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 5.0) internal successors, (15), 3 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-23 15:32:31,343 INFO L276 IsEmpty]: Start isEmpty. Operand 67 states and 88 transitions. [2022-11-23 15:32:31,345 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2022-11-23 15:32:31,345 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 15:32:31,345 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 15:32:31,346 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-11-23 15:32:31,346 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 15:32:31,347 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 15:32:31,347 INFO L85 PathProgramCache]: Analyzing trace with hash 1030296859, now seen corresponding path program 1 times [2022-11-23 15:32:31,348 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 15:32:31,348 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [615101813] [2022-11-23 15:32:31,348 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 15:32:31,349 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 15:32:31,375 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 15:32:31,504 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-23 15:32:31,504 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 15:32:31,504 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [615101813] [2022-11-23 15:32:31,505 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [615101813] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-23 15:32:31,505 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-23 15:32:31,505 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-11-23 15:32:31,506 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1547855370] [2022-11-23 15:32:31,506 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-23 15:32:31,507 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-11-23 15:32:31,507 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 15:32:31,507 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-11-23 15:32:31,508 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-23 15:32:31,508 INFO L87 Difference]: Start difference. First operand 67 states and 88 transitions. Second operand has 4 states, 4 states have (on average 4.75) internal successors, (19), 4 states have internal predecessors, (19), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-23 15:32:31,637 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 15:32:31,637 INFO L93 Difference]: Finished difference Result 168 states and 221 transitions. [2022-11-23 15:32:31,638 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-11-23 15:32:31,638 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 4.75) internal successors, (19), 4 states have internal predecessors, (19), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 25 [2022-11-23 15:32:31,639 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 15:32:31,641 INFO L225 Difference]: With dead ends: 168 [2022-11-23 15:32:31,641 INFO L226 Difference]: Without dead ends: 103 [2022-11-23 15:32:31,642 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-11-23 15:32:31,644 INFO L413 NwaCegarLoop]: 83 mSDtfsCounter, 109 mSDsluCounter, 99 mSDsCounter, 0 mSdLazyCounter, 47 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 113 SdHoareTripleChecker+Valid, 182 SdHoareTripleChecker+Invalid, 56 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 47 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-23 15:32:31,645 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [113 Valid, 182 Invalid, 56 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 47 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-23 15:32:31,646 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 103 states. [2022-11-23 15:32:31,663 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 103 to 100. [2022-11-23 15:32:31,664 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 100 states, 63 states have (on average 1.3650793650793651) internal successors, (86), 76 states have internal predecessors, (86), 22 states have call successors, (22), 14 states have call predecessors, (22), 14 states have return successors, (23), 16 states have call predecessors, (23), 22 states have call successors, (23) [2022-11-23 15:32:31,666 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 100 states to 100 states and 131 transitions. [2022-11-23 15:32:31,666 INFO L78 Accepts]: Start accepts. Automaton has 100 states and 131 transitions. Word has length 25 [2022-11-23 15:32:31,667 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 15:32:31,667 INFO L495 AbstractCegarLoop]: Abstraction has 100 states and 131 transitions. [2022-11-23 15:32:31,667 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 4.75) internal successors, (19), 4 states have internal predecessors, (19), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-23 15:32:31,668 INFO L276 IsEmpty]: Start isEmpty. Operand 100 states and 131 transitions. [2022-11-23 15:32:31,669 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 29 [2022-11-23 15:32:31,670 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 15:32:31,670 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 15:32:31,670 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-11-23 15:32:31,671 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 15:32:31,671 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 15:32:31,672 INFO L85 PathProgramCache]: Analyzing trace with hash 1909510217, now seen corresponding path program 1 times [2022-11-23 15:32:31,672 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 15:32:31,672 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [360899513] [2022-11-23 15:32:31,672 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 15:32:31,673 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 15:32:31,693 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 15:32:31,855 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 1 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-11-23 15:32:31,855 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 15:32:31,856 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [360899513] [2022-11-23 15:32:31,856 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [360899513] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-23 15:32:31,856 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-23 15:32:31,857 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-11-23 15:32:31,857 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1417994034] [2022-11-23 15:32:31,857 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-23 15:32:31,858 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-11-23 15:32:31,858 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 15:32:31,859 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-11-23 15:32:31,859 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-11-23 15:32:31,860 INFO L87 Difference]: Start difference. First operand 100 states and 131 transitions. Second operand has 6 states, 5 states have (on average 4.6) internal successors, (23), 5 states have internal predecessors, (23), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-23 15:32:32,167 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 15:32:32,167 INFO L93 Difference]: Finished difference Result 243 states and 329 transitions. [2022-11-23 15:32:32,169 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-11-23 15:32:32,170 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 4.6) internal successors, (23), 5 states have internal predecessors, (23), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 28 [2022-11-23 15:32:32,171 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 15:32:32,180 INFO L225 Difference]: With dead ends: 243 [2022-11-23 15:32:32,180 INFO L226 Difference]: Without dead ends: 145 [2022-11-23 15:32:32,187 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 10 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2022-11-23 15:32:32,191 INFO L413 NwaCegarLoop]: 80 mSDtfsCounter, 46 mSDsluCounter, 258 mSDsCounter, 0 mSdLazyCounter, 139 mSolverCounterSat, 10 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 47 SdHoareTripleChecker+Valid, 338 SdHoareTripleChecker+Invalid, 149 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 10 IncrementalHoareTripleChecker+Valid, 139 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-11-23 15:32:32,196 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [47 Valid, 338 Invalid, 149 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [10 Valid, 139 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-11-23 15:32:32,200 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 145 states. [2022-11-23 15:32:32,229 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 145 to 138. [2022-11-23 15:32:32,233 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 138 states, 90 states have (on average 1.2777777777777777) internal successors, (115), 101 states have internal predecessors, (115), 26 states have call successors, (26), 21 states have call predecessors, (26), 21 states have return successors, (34), 24 states have call predecessors, (34), 26 states have call successors, (34) [2022-11-23 15:32:32,235 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 138 states to 138 states and 175 transitions. [2022-11-23 15:32:32,239 INFO L78 Accepts]: Start accepts. Automaton has 138 states and 175 transitions. Word has length 28 [2022-11-23 15:32:32,240 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 15:32:32,240 INFO L495 AbstractCegarLoop]: Abstraction has 138 states and 175 transitions. [2022-11-23 15:32:32,241 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 4.6) internal successors, (23), 5 states have internal predecessors, (23), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-23 15:32:32,241 INFO L276 IsEmpty]: Start isEmpty. Operand 138 states and 175 transitions. [2022-11-23 15:32:32,243 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 46 [2022-11-23 15:32:32,243 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 15:32:32,244 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 15:32:32,248 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-11-23 15:32:32,248 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 15:32:32,249 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 15:32:32,250 INFO L85 PathProgramCache]: Analyzing trace with hash 793299814, now seen corresponding path program 1 times [2022-11-23 15:32:32,250 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 15:32:32,250 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1047975641] [2022-11-23 15:32:32,250 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 15:32:32,251 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 15:32:32,282 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 15:32:32,374 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-23 15:32:32,374 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 15:32:32,374 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1047975641] [2022-11-23 15:32:32,375 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1047975641] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-23 15:32:32,375 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-23 15:32:32,375 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-23 15:32:32,376 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [220365021] [2022-11-23 15:32:32,378 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-23 15:32:32,379 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-23 15:32:32,379 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 15:32:32,379 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-23 15:32:32,380 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-23 15:32:32,382 INFO L87 Difference]: Start difference. First operand 138 states and 175 transitions. Second operand has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 3 states have call successors, (6), 2 states have call predecessors, (6), 1 states have return successors, (5), 3 states have call predecessors, (5), 3 states have call successors, (5) [2022-11-23 15:32:32,516 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 15:32:32,516 INFO L93 Difference]: Finished difference Result 276 states and 350 transitions. [2022-11-23 15:32:32,517 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-23 15:32:32,519 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 3 states have call successors, (6), 2 states have call predecessors, (6), 1 states have return successors, (5), 3 states have call predecessors, (5), 3 states have call successors, (5) Word has length 45 [2022-11-23 15:32:32,520 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 15:32:32,526 INFO L225 Difference]: With dead ends: 276 [2022-11-23 15:32:32,527 INFO L226 Difference]: Without dead ends: 140 [2022-11-23 15:32:32,528 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-23 15:32:32,531 INFO L413 NwaCegarLoop]: 94 mSDtfsCounter, 30 mSDsluCounter, 70 mSDsCounter, 0 mSdLazyCounter, 41 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 30 SdHoareTripleChecker+Valid, 164 SdHoareTripleChecker+Invalid, 41 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 41 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-23 15:32:32,532 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [30 Valid, 164 Invalid, 41 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 41 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-23 15:32:32,533 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 140 states. [2022-11-23 15:32:32,591 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 140 to 138. [2022-11-23 15:32:32,592 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 138 states, 90 states have (on average 1.2666666666666666) internal successors, (114), 101 states have internal predecessors, (114), 26 states have call successors, (26), 21 states have call predecessors, (26), 21 states have return successors, (32), 24 states have call predecessors, (32), 26 states have call successors, (32) [2022-11-23 15:32:32,596 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 138 states to 138 states and 172 transitions. [2022-11-23 15:32:32,597 INFO L78 Accepts]: Start accepts. Automaton has 138 states and 172 transitions. Word has length 45 [2022-11-23 15:32:32,597 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 15:32:32,598 INFO L495 AbstractCegarLoop]: Abstraction has 138 states and 172 transitions. [2022-11-23 15:32:32,598 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 3 states have call successors, (6), 2 states have call predecessors, (6), 1 states have return successors, (5), 3 states have call predecessors, (5), 3 states have call successors, (5) [2022-11-23 15:32:32,598 INFO L276 IsEmpty]: Start isEmpty. Operand 138 states and 172 transitions. [2022-11-23 15:32:32,604 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 43 [2022-11-23 15:32:32,605 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 15:32:32,606 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 15:32:32,606 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-11-23 15:32:32,606 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 15:32:32,607 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 15:32:32,607 INFO L85 PathProgramCache]: Analyzing trace with hash 107775188, now seen corresponding path program 1 times [2022-11-23 15:32:32,608 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 15:32:32,608 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [315618525] [2022-11-23 15:32:32,608 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 15:32:32,609 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 15:32:32,656 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 15:32:33,092 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-23 15:32:33,092 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 15:32:33,093 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [315618525] [2022-11-23 15:32:33,094 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [315618525] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-23 15:32:33,094 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-23 15:32:33,094 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-11-23 15:32:33,095 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [453424227] [2022-11-23 15:32:33,095 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-23 15:32:33,095 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-11-23 15:32:33,096 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 15:32:33,096 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-11-23 15:32:33,097 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=19, Unknown=0, NotChecked=0, Total=30 [2022-11-23 15:32:33,097 INFO L87 Difference]: Start difference. First operand 138 states and 172 transitions. Second operand has 6 states, 6 states have (on average 5.0) internal successors, (30), 6 states have internal predecessors, (30), 5 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 5 states have call successors, (5) [2022-11-23 15:32:33,388 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 15:32:33,389 INFO L93 Difference]: Finished difference Result 417 states and 521 transitions. [2022-11-23 15:32:33,389 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-11-23 15:32:33,390 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.0) internal successors, (30), 6 states have internal predecessors, (30), 5 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 5 states have call successors, (5) Word has length 42 [2022-11-23 15:32:33,390 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 15:32:33,394 INFO L225 Difference]: With dead ends: 417 [2022-11-23 15:32:33,394 INFO L226 Difference]: Without dead ends: 281 [2022-11-23 15:32:33,395 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=16, Invalid=26, Unknown=0, NotChecked=0, Total=42 [2022-11-23 15:32:33,401 INFO L413 NwaCegarLoop]: 113 mSDtfsCounter, 159 mSDsluCounter, 130 mSDsCounter, 0 mSdLazyCounter, 114 mSolverCounterSat, 45 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 160 SdHoareTripleChecker+Valid, 243 SdHoareTripleChecker+Invalid, 159 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 45 IncrementalHoareTripleChecker+Valid, 114 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-11-23 15:32:33,406 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [160 Valid, 243 Invalid, 159 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [45 Valid, 114 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-11-23 15:32:33,408 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 281 states. [2022-11-23 15:32:33,460 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 281 to 276. [2022-11-23 15:32:33,462 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 276 states, 181 states have (on average 1.2651933701657458) internal successors, (229), 201 states have internal predecessors, (229), 51 states have call successors, (51), 43 states have call predecessors, (51), 43 states have return successors, (63), 46 states have call predecessors, (63), 51 states have call successors, (63) [2022-11-23 15:32:33,465 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 276 states to 276 states and 343 transitions. [2022-11-23 15:32:33,467 INFO L78 Accepts]: Start accepts. Automaton has 276 states and 343 transitions. Word has length 42 [2022-11-23 15:32:33,469 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 15:32:33,469 INFO L495 AbstractCegarLoop]: Abstraction has 276 states and 343 transitions. [2022-11-23 15:32:33,470 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 5.0) internal successors, (30), 6 states have internal predecessors, (30), 5 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 5 states have call successors, (5) [2022-11-23 15:32:33,470 INFO L276 IsEmpty]: Start isEmpty. Operand 276 states and 343 transitions. [2022-11-23 15:32:33,478 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 46 [2022-11-23 15:32:33,478 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 15:32:33,479 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 15:32:33,479 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-11-23 15:32:33,479 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 15:32:33,480 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 15:32:33,480 INFO L85 PathProgramCache]: Analyzing trace with hash -1390280611, now seen corresponding path program 1 times [2022-11-23 15:32:33,480 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 15:32:33,481 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1539171114] [2022-11-23 15:32:33,481 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 15:32:33,481 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 15:32:33,522 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 15:32:34,033 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-23 15:32:34,034 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 15:32:34,034 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1539171114] [2022-11-23 15:32:34,034 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1539171114] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-23 15:32:34,034 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-23 15:32:34,035 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2022-11-23 15:32:34,035 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1319885426] [2022-11-23 15:32:34,035 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-23 15:32:34,036 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-11-23 15:32:34,036 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 15:32:34,037 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-11-23 15:32:34,038 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=17, Invalid=39, Unknown=0, NotChecked=0, Total=56 [2022-11-23 15:32:34,039 INFO L87 Difference]: Start difference. First operand 276 states and 343 transitions. Second operand has 8 states, 7 states have (on average 4.428571428571429) internal successors, (31), 7 states have internal predecessors, (31), 5 states have call successors, (7), 3 states have call predecessors, (7), 2 states have return successors, (6), 4 states have call predecessors, (6), 5 states have call successors, (6) [2022-11-23 15:32:34,798 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 15:32:34,798 INFO L93 Difference]: Finished difference Result 619 states and 781 transitions. [2022-11-23 15:32:34,799 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 15 states. [2022-11-23 15:32:34,799 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 4.428571428571429) internal successors, (31), 7 states have internal predecessors, (31), 5 states have call successors, (7), 3 states have call predecessors, (7), 2 states have return successors, (6), 4 states have call predecessors, (6), 5 states have call successors, (6) Word has length 45 [2022-11-23 15:32:34,800 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 15:32:34,804 INFO L225 Difference]: With dead ends: 619 [2022-11-23 15:32:34,804 INFO L226 Difference]: Without dead ends: 441 [2022-11-23 15:32:34,806 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 30 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=67, Invalid=143, Unknown=0, NotChecked=0, Total=210 [2022-11-23 15:32:34,807 INFO L413 NwaCegarLoop]: 84 mSDtfsCounter, 278 mSDsluCounter, 198 mSDsCounter, 0 mSdLazyCounter, 404 mSolverCounterSat, 117 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 288 SdHoareTripleChecker+Valid, 282 SdHoareTripleChecker+Invalid, 521 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 117 IncrementalHoareTripleChecker+Valid, 404 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.5s IncrementalHoareTripleChecker+Time [2022-11-23 15:32:34,807 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [288 Valid, 282 Invalid, 521 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [117 Valid, 404 Invalid, 0 Unknown, 0 Unchecked, 0.5s Time] [2022-11-23 15:32:34,810 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 441 states. [2022-11-23 15:32:34,885 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 441 to 387. [2022-11-23 15:32:34,886 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 387 states, 257 states have (on average 1.2529182879377432) internal successors, (322), 284 states have internal predecessors, (322), 69 states have call successors, (69), 54 states have call predecessors, (69), 60 states have return successors, (88), 68 states have call predecessors, (88), 69 states have call successors, (88) [2022-11-23 15:32:34,890 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 387 states to 387 states and 479 transitions. [2022-11-23 15:32:34,891 INFO L78 Accepts]: Start accepts. Automaton has 387 states and 479 transitions. Word has length 45 [2022-11-23 15:32:34,891 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 15:32:34,892 INFO L495 AbstractCegarLoop]: Abstraction has 387 states and 479 transitions. [2022-11-23 15:32:34,892 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 7 states have (on average 4.428571428571429) internal successors, (31), 7 states have internal predecessors, (31), 5 states have call successors, (7), 3 states have call predecessors, (7), 2 states have return successors, (6), 4 states have call predecessors, (6), 5 states have call successors, (6) [2022-11-23 15:32:34,892 INFO L276 IsEmpty]: Start isEmpty. Operand 387 states and 479 transitions. [2022-11-23 15:32:34,896 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 86 [2022-11-23 15:32:34,896 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 15:32:34,896 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 15:32:34,896 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2022-11-23 15:32:34,897 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 15:32:34,897 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 15:32:34,898 INFO L85 PathProgramCache]: Analyzing trace with hash 1092415673, now seen corresponding path program 1 times [2022-11-23 15:32:34,898 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 15:32:34,898 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1019304450] [2022-11-23 15:32:34,898 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 15:32:34,899 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 15:32:34,950 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 15:32:35,053 INFO L134 CoverageAnalysis]: Checked inductivity of 40 backedges. 8 proven. 0 refuted. 0 times theorem prover too weak. 32 trivial. 0 not checked. [2022-11-23 15:32:35,053 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 15:32:35,053 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1019304450] [2022-11-23 15:32:35,054 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1019304450] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-23 15:32:35,054 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-23 15:32:35,054 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-11-23 15:32:35,054 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1024987992] [2022-11-23 15:32:35,055 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-23 15:32:35,055 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-11-23 15:32:35,056 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 15:32:35,056 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-11-23 15:32:35,056 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-11-23 15:32:35,057 INFO L87 Difference]: Start difference. First operand 387 states and 479 transitions. Second operand has 5 states, 5 states have (on average 8.4) internal successors, (42), 5 states have internal predecessors, (42), 4 states have call successors, (10), 2 states have call predecessors, (10), 2 states have return successors, (10), 4 states have call predecessors, (10), 4 states have call successors, (10) [2022-11-23 15:32:35,400 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 15:32:35,401 INFO L93 Difference]: Finished difference Result 609 states and 760 transitions. [2022-11-23 15:32:35,402 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-11-23 15:32:35,402 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.4) internal successors, (42), 5 states have internal predecessors, (42), 4 states have call successors, (10), 2 states have call predecessors, (10), 2 states have return successors, (10), 4 states have call predecessors, (10), 4 states have call successors, (10) Word has length 85 [2022-11-23 15:32:35,403 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 15:32:35,405 INFO L225 Difference]: With dead ends: 609 [2022-11-23 15:32:35,406 INFO L226 Difference]: Without dead ends: 414 [2022-11-23 15:32:35,407 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2022-11-23 15:32:35,409 INFO L413 NwaCegarLoop]: 94 mSDtfsCounter, 119 mSDsluCounter, 129 mSDsCounter, 0 mSdLazyCounter, 185 mSolverCounterSat, 58 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 124 SdHoareTripleChecker+Valid, 223 SdHoareTripleChecker+Invalid, 243 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 58 IncrementalHoareTripleChecker+Valid, 185 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-11-23 15:32:35,409 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [124 Valid, 223 Invalid, 243 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [58 Valid, 185 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-11-23 15:32:35,411 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 414 states. [2022-11-23 15:32:35,482 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 414 to 408. [2022-11-23 15:32:35,483 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 408 states, 272 states have (on average 1.2352941176470589) internal successors, (336), 298 states have internal predecessors, (336), 71 states have call successors, (71), 56 states have call predecessors, (71), 64 states have return successors, (86), 73 states have call predecessors, (86), 71 states have call successors, (86) [2022-11-23 15:32:35,486 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 408 states to 408 states and 493 transitions. [2022-11-23 15:32:35,488 INFO L78 Accepts]: Start accepts. Automaton has 408 states and 493 transitions. Word has length 85 [2022-11-23 15:32:35,491 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 15:32:35,491 INFO L495 AbstractCegarLoop]: Abstraction has 408 states and 493 transitions. [2022-11-23 15:32:35,491 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.4) internal successors, (42), 5 states have internal predecessors, (42), 4 states have call successors, (10), 2 states have call predecessors, (10), 2 states have return successors, (10), 4 states have call predecessors, (10), 4 states have call successors, (10) [2022-11-23 15:32:35,491 INFO L276 IsEmpty]: Start isEmpty. Operand 408 states and 493 transitions. [2022-11-23 15:32:35,495 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 81 [2022-11-23 15:32:35,496 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 15:32:35,496 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 15:32:35,496 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2022-11-23 15:32:35,497 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 15:32:35,497 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 15:32:35,497 INFO L85 PathProgramCache]: Analyzing trace with hash 1599532940, now seen corresponding path program 1 times [2022-11-23 15:32:35,498 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 15:32:35,498 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1420358731] [2022-11-23 15:32:35,498 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 15:32:35,498 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 15:32:35,537 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 15:32:36,109 INFO L134 CoverageAnalysis]: Checked inductivity of 37 backedges. 24 proven. 7 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2022-11-23 15:32:36,110 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 15:32:36,110 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1420358731] [2022-11-23 15:32:36,110 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1420358731] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-23 15:32:36,110 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1266315159] [2022-11-23 15:32:36,110 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 15:32:36,111 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-23 15:32:36,111 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_50916348-08bc-40ee-b755-fcffd5ec5f47/bin/utaipan-Q6hlc19bkW/z3 [2022-11-23 15:32:36,115 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_50916348-08bc-40ee-b755-fcffd5ec5f47/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-23 15:32:36,142 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_50916348-08bc-40ee-b755-fcffd5ec5f47/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-11-23 15:32:36,278 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 15:32:36,282 INFO L263 TraceCheckSpWp]: Trace formula consists of 362 conjuncts, 22 conjunts are in the unsatisfiable core [2022-11-23 15:32:36,291 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-23 15:32:36,579 INFO L134 CoverageAnalysis]: Checked inductivity of 37 backedges. 36 proven. 1 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-23 15:32:36,580 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-23 15:32:36,882 INFO L134 CoverageAnalysis]: Checked inductivity of 37 backedges. 16 proven. 1 refuted. 0 times theorem prover too weak. 20 trivial. 0 not checked. [2022-11-23 15:32:36,883 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1266315159] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-23 15:32:36,883 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1045570715] [2022-11-23 15:32:36,910 INFO L159 IcfgInterpreter]: Started Sifa with 46 locations of interest [2022-11-23 15:32:36,910 INFO L166 IcfgInterpreter]: Building call graph [2022-11-23 15:32:36,919 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-23 15:32:36,927 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-23 15:32:36,927 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-23 15:32:41,061 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 53 for LOIs [2022-11-23 15:32:41,074 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 49 for LOIs [2022-11-23 15:32:41,874 INFO L197 IcfgInterpreter]: Interpreting procedure isPumpRunning with input of size 24 for LOIs [2022-11-23 15:32:41,876 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__methaneQuery with input of size 29 for LOIs [2022-11-23 15:32:41,952 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 26 for LOIs [2022-11-23 15:32:42,123 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneAlarm with input of size 28 for LOIs [2022-11-23 15:32:42,127 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-23 15:32:51,359 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '7053#(and (= |timeShift___utac_acc__Specification5_spec__3_~tmp~0#1| |timeShift_getWaterLevel_#res#1|) (= ~pumpRunning~0 |timeShift___utac_acc__Specification5_spec__3_~tmp___0~0#1|) (= ~methaneLevelCritical~0 0) (= |timeShift_getWaterLevel_~retValue_acc~5#1| |timeShift_getWaterLevel_#res#1|) (= ~head~0.offset 0) (= 1 ~systemActive~0) (= |old(~pumpRunning~0)| 0) (= |timeShift_getWaterLevel_~retValue_acc~5#1| ~waterLevel~0) (= |old(~waterLevel~0)| ~waterLevel~0) (= ~head~0.base 0) (= |#NULL.offset| 0) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp~0#1| 2)) (<= |timeShift_getWaterLevel_~retValue_acc~5#1| 2147483647) (= ~switchedOnBeforeTS~0 0) (<= 0 |#StackHeapBarrier|) (= ~pumpRunning~0 1) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0) (<= 2 |timeShift_getWaterLevel_~retValue_acc~5#1|) (= |old(~switchedOnBeforeTS~0)| 0))' at error location [2022-11-23 15:32:51,359 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-23 15:32:51,360 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-23 15:32:51,360 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [15, 6, 6] total 21 [2022-11-23 15:32:51,360 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [48801322] [2022-11-23 15:32:51,360 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-23 15:32:51,361 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 21 states [2022-11-23 15:32:51,361 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 15:32:51,362 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 21 interpolants. [2022-11-23 15:32:51,363 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=281, Invalid=2475, Unknown=0, NotChecked=0, Total=2756 [2022-11-23 15:32:51,364 INFO L87 Difference]: Start difference. First operand 408 states and 493 transitions. Second operand has 21 states, 18 states have (on average 5.388888888888889) internal successors, (97), 18 states have internal predecessors, (97), 7 states have call successors, (21), 5 states have call predecessors, (21), 7 states have return successors, (23), 10 states have call predecessors, (23), 7 states have call successors, (23) [2022-11-23 15:32:57,521 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 15:32:57,521 INFO L93 Difference]: Finished difference Result 2099 states and 2854 transitions. [2022-11-23 15:32:57,522 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 95 states. [2022-11-23 15:32:57,522 INFO L78 Accepts]: Start accepts. Automaton has has 21 states, 18 states have (on average 5.388888888888889) internal successors, (97), 18 states have internal predecessors, (97), 7 states have call successors, (21), 5 states have call predecessors, (21), 7 states have return successors, (23), 10 states have call predecessors, (23), 7 states have call successors, (23) Word has length 80 [2022-11-23 15:32:57,522 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 15:32:57,531 INFO L225 Difference]: With dead ends: 2099 [2022-11-23 15:32:57,532 INFO L226 Difference]: Without dead ends: 1637 [2022-11-23 15:32:57,541 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 383 GetRequests, 231 SyntacticMatches, 11 SemanticMatches, 141 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 7734 ImplicationChecksByTransitivity, 11.9s TimeCoverageRelationStatistics Valid=1595, Invalid=18711, Unknown=0, NotChecked=0, Total=20306 [2022-11-23 15:32:57,542 INFO L413 NwaCegarLoop]: 178 mSDtfsCounter, 1120 mSDsluCounter, 1823 mSDsCounter, 0 mSdLazyCounter, 4323 mSolverCounterSat, 927 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 2.8s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1131 SdHoareTripleChecker+Valid, 2001 SdHoareTripleChecker+Invalid, 5250 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.1s SdHoareTripleChecker+Time, 927 IncrementalHoareTripleChecker+Valid, 4323 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 3.4s IncrementalHoareTripleChecker+Time [2022-11-23 15:32:57,542 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [1131 Valid, 2001 Invalid, 5250 Unknown, 0 Unchecked, 0.1s Time], IncrementalHoareTripleChecker [927 Valid, 4323 Invalid, 0 Unknown, 0 Unchecked, 3.4s Time] [2022-11-23 15:32:57,544 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1637 states. [2022-11-23 15:32:57,689 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1637 to 1111. [2022-11-23 15:32:57,691 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1111 states, 754 states have (on average 1.2307692307692308) internal successors, (928), 808 states have internal predecessors, (928), 183 states have call successors, (183), 161 states have call predecessors, (183), 173 states have return successors, (266), 179 states have call predecessors, (266), 183 states have call successors, (266) [2022-11-23 15:32:57,697 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1111 states to 1111 states and 1377 transitions. [2022-11-23 15:32:57,697 INFO L78 Accepts]: Start accepts. Automaton has 1111 states and 1377 transitions. Word has length 80 [2022-11-23 15:32:57,698 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 15:32:57,698 INFO L495 AbstractCegarLoop]: Abstraction has 1111 states and 1377 transitions. [2022-11-23 15:32:57,698 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 21 states, 18 states have (on average 5.388888888888889) internal successors, (97), 18 states have internal predecessors, (97), 7 states have call successors, (21), 5 states have call predecessors, (21), 7 states have return successors, (23), 10 states have call predecessors, (23), 7 states have call successors, (23) [2022-11-23 15:32:57,699 INFO L276 IsEmpty]: Start isEmpty. Operand 1111 states and 1377 transitions. [2022-11-23 15:32:57,701 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 85 [2022-11-23 15:32:57,701 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 15:32:57,702 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 15:32:57,709 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_50916348-08bc-40ee-b755-fcffd5ec5f47/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2022-11-23 15:32:57,907 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8,2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_50916348-08bc-40ee-b755-fcffd5ec5f47/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-23 15:32:57,907 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 15:32:57,908 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 15:32:57,908 INFO L85 PathProgramCache]: Analyzing trace with hash -1503358146, now seen corresponding path program 1 times [2022-11-23 15:32:57,908 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 15:32:57,908 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [613896312] [2022-11-23 15:32:57,908 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 15:32:57,908 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 15:32:57,932 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 15:32:58,020 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 7 proven. 1 refuted. 0 times theorem prover too weak. 24 trivial. 0 not checked. [2022-11-23 15:32:58,020 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 15:32:58,020 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [613896312] [2022-11-23 15:32:58,021 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [613896312] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-23 15:32:58,021 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [62909614] [2022-11-23 15:32:58,021 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 15:32:58,021 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-23 15:32:58,021 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_50916348-08bc-40ee-b755-fcffd5ec5f47/bin/utaipan-Q6hlc19bkW/z3 [2022-11-23 15:32:58,022 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_50916348-08bc-40ee-b755-fcffd5ec5f47/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-23 15:32:58,027 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_50916348-08bc-40ee-b755-fcffd5ec5f47/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2022-11-23 15:32:58,128 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 15:32:58,131 INFO L263 TraceCheckSpWp]: Trace formula consists of 369 conjuncts, 13 conjunts are in the unsatisfiable core [2022-11-23 15:32:58,134 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-23 15:32:58,195 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 20 proven. 1 refuted. 0 times theorem prover too weak. 11 trivial. 0 not checked. [2022-11-23 15:32:58,195 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-23 15:32:58,340 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 7 proven. 1 refuted. 0 times theorem prover too weak. 24 trivial. 0 not checked. [2022-11-23 15:32:58,341 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [62909614] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-23 15:32:58,341 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [789279711] [2022-11-23 15:32:58,345 INFO L159 IcfgInterpreter]: Started Sifa with 55 locations of interest [2022-11-23 15:32:58,345 INFO L166 IcfgInterpreter]: Building call graph [2022-11-23 15:32:58,346 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-23 15:32:58,346 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-23 15:32:58,346 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-23 15:33:01,336 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 50 for LOIs [2022-11-23 15:33:01,368 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 46 for LOIs [2022-11-23 15:33:02,062 INFO L197 IcfgInterpreter]: Interpreting procedure isPumpRunning with input of size 20 for LOIs [2022-11-23 15:33:02,064 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__methaneQuery with input of size 63 for LOIs [2022-11-23 15:33:02,820 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 52 for LOIs [2022-11-23 15:33:03,237 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneAlarm with input of size 58 for LOIs [2022-11-23 15:33:03,255 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__base with input of size 32 for LOIs [2022-11-23 15:33:03,258 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-23 15:33:11,010 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '12659#(and (= |timeShift___utac_acc__Specification5_spec__3_~tmp~0#1| |timeShift_getWaterLevel_#res#1|) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~0#1| 0)) (= ~pumpRunning~0 |timeShift___utac_acc__Specification5_spec__3_~tmp___0~0#1|) (= ~methaneLevelCritical~0 0) (= |timeShift_getWaterLevel_~retValue_acc~5#1| |timeShift_getWaterLevel_#res#1|) (<= 0 (+ 2147483648 |old(~pumpRunning~0)|)) (= ~head~0.offset 0) (<= |old(~pumpRunning~0)| 2147483647) (= 1 ~systemActive~0) (= |timeShift_getWaterLevel_~retValue_acc~5#1| ~waterLevel~0) (<= 0 (+ |timeShift___utac_acc__Specification5_spec__3_~tmp___0~0#1| 2147483648)) (<= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~0#1| 2147483647) (= ~head~0.base 0) (= |#NULL.offset| 0) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp~0#1| 2)) (<= |timeShift_getWaterLevel_~retValue_acc~5#1| 2147483647) (= ~switchedOnBeforeTS~0 0) (<= 0 |#StackHeapBarrier|) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0) (<= 0 (+ |timeShift___utac_acc__Specification5_spec__3_~tmp~0#1| 2147483648)))' at error location [2022-11-23 15:33:11,010 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-23 15:33:11,010 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-23 15:33:11,011 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [6, 6, 6] total 9 [2022-11-23 15:33:11,011 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [47926881] [2022-11-23 15:33:11,011 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-23 15:33:11,012 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2022-11-23 15:33:11,012 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 15:33:11,012 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2022-11-23 15:33:11,013 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=259, Invalid=2093, Unknown=0, NotChecked=0, Total=2352 [2022-11-23 15:33:11,013 INFO L87 Difference]: Start difference. First operand 1111 states and 1377 transitions. Second operand has 9 states, 7 states have (on average 8.571428571428571) internal successors, (60), 7 states have internal predecessors, (60), 2 states have call successors, (16), 2 states have call predecessors, (16), 4 states have return successors, (18), 4 states have call predecessors, (18), 2 states have call successors, (18) [2022-11-23 15:33:12,014 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 15:33:12,014 INFO L93 Difference]: Finished difference Result 1363 states and 1730 transitions. [2022-11-23 15:33:12,015 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 21 states. [2022-11-23 15:33:12,015 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 7 states have (on average 8.571428571428571) internal successors, (60), 7 states have internal predecessors, (60), 2 states have call successors, (16), 2 states have call predecessors, (16), 4 states have return successors, (18), 4 states have call predecessors, (18), 2 states have call successors, (18) Word has length 84 [2022-11-23 15:33:12,015 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 15:33:12,034 INFO L225 Difference]: With dead ends: 1363 [2022-11-23 15:33:12,034 INFO L226 Difference]: Without dead ends: 1361 [2022-11-23 15:33:12,037 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 274 GetRequests, 208 SyntacticMatches, 5 SemanticMatches, 61 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1419 ImplicationChecksByTransitivity, 8.1s TimeCoverageRelationStatistics Valid=375, Invalid=3531, Unknown=0, NotChecked=0, Total=3906 [2022-11-23 15:33:12,037 INFO L413 NwaCegarLoop]: 165 mSDtfsCounter, 168 mSDsluCounter, 410 mSDsCounter, 0 mSdLazyCounter, 559 mSolverCounterSat, 82 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 173 SdHoareTripleChecker+Valid, 575 SdHoareTripleChecker+Invalid, 641 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 82 IncrementalHoareTripleChecker+Valid, 559 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.5s IncrementalHoareTripleChecker+Time [2022-11-23 15:33:12,039 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [173 Valid, 575 Invalid, 641 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [82 Valid, 559 Invalid, 0 Unknown, 0 Unchecked, 0.5s Time] [2022-11-23 15:33:12,042 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1361 states. [2022-11-23 15:33:12,187 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1361 to 1161. [2022-11-23 15:33:12,190 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1161 states, 789 states have (on average 1.2281368821292775) internal successors, (969), 847 states have internal predecessors, (969), 191 states have call successors, (191), 169 states have call predecessors, (191), 180 states have return successors, (284), 184 states have call predecessors, (284), 191 states have call successors, (284) [2022-11-23 15:33:12,196 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1161 states to 1161 states and 1444 transitions. [2022-11-23 15:33:12,197 INFO L78 Accepts]: Start accepts. Automaton has 1161 states and 1444 transitions. Word has length 84 [2022-11-23 15:33:12,198 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 15:33:12,199 INFO L495 AbstractCegarLoop]: Abstraction has 1161 states and 1444 transitions. [2022-11-23 15:33:12,199 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 7 states have (on average 8.571428571428571) internal successors, (60), 7 states have internal predecessors, (60), 2 states have call successors, (16), 2 states have call predecessors, (16), 4 states have return successors, (18), 4 states have call predecessors, (18), 2 states have call successors, (18) [2022-11-23 15:33:12,199 INFO L276 IsEmpty]: Start isEmpty. Operand 1161 states and 1444 transitions. [2022-11-23 15:33:12,210 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 117 [2022-11-23 15:33:12,210 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 15:33:12,211 INFO L195 NwaCegarLoop]: trace histogram [5, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 15:33:12,224 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_50916348-08bc-40ee-b755-fcffd5ec5f47/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2022-11-23 15:33:12,424 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_50916348-08bc-40ee-b755-fcffd5ec5f47/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2022-11-23 15:33:12,424 INFO L420 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 15:33:12,425 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 15:33:12,425 INFO L85 PathProgramCache]: Analyzing trace with hash -996438933, now seen corresponding path program 1 times [2022-11-23 15:33:12,425 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 15:33:12,425 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [272473821] [2022-11-23 15:33:12,425 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 15:33:12,426 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 15:33:12,452 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 15:33:13,174 INFO L134 CoverageAnalysis]: Checked inductivity of 92 backedges. 53 proven. 6 refuted. 0 times theorem prover too weak. 33 trivial. 0 not checked. [2022-11-23 15:33:13,174 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 15:33:13,175 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [272473821] [2022-11-23 15:33:13,175 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [272473821] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-23 15:33:13,175 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1459106702] [2022-11-23 15:33:13,175 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 15:33:13,176 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-23 15:33:13,176 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_50916348-08bc-40ee-b755-fcffd5ec5f47/bin/utaipan-Q6hlc19bkW/z3 [2022-11-23 15:33:13,177 INFO L229 MonitoredProcess]: Starting monitored process 4 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_50916348-08bc-40ee-b755-fcffd5ec5f47/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-23 15:33:13,203 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_50916348-08bc-40ee-b755-fcffd5ec5f47/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2022-11-23 15:33:13,344 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 15:33:13,347 INFO L263 TraceCheckSpWp]: Trace formula consists of 474 conjuncts, 37 conjunts are in the unsatisfiable core [2022-11-23 15:33:13,356 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-23 15:33:13,579 INFO L134 CoverageAnalysis]: Checked inductivity of 92 backedges. 64 proven. 10 refuted. 0 times theorem prover too weak. 18 trivial. 0 not checked. [2022-11-23 15:33:13,579 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-23 15:33:14,400 INFO L134 CoverageAnalysis]: Checked inductivity of 92 backedges. 48 proven. 7 refuted. 0 times theorem prover too weak. 37 trivial. 0 not checked. [2022-11-23 15:33:14,400 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1459106702] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-23 15:33:14,401 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1221609498] [2022-11-23 15:33:14,404 INFO L159 IcfgInterpreter]: Started Sifa with 55 locations of interest [2022-11-23 15:33:14,404 INFO L166 IcfgInterpreter]: Building call graph [2022-11-23 15:33:14,405 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-23 15:33:14,405 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-23 15:33:14,405 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-23 15:33:18,163 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 36 for LOIs [2022-11-23 15:33:18,171 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 46 for LOIs [2022-11-23 15:33:19,155 INFO L197 IcfgInterpreter]: Interpreting procedure isPumpRunning with input of size 38 for LOIs [2022-11-23 15:33:19,160 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__methaneQuery with input of size 45 for LOIs [2022-11-23 15:33:19,275 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 45 for LOIs [2022-11-23 15:33:19,477 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneAlarm with input of size 44 for LOIs [2022-11-23 15:33:19,484 INFO L197 IcfgInterpreter]: Interpreting procedure changeMethaneLevel with input of size 43 for LOIs [2022-11-23 15:33:19,492 INFO L197 IcfgInterpreter]: Interpreting procedure deactivatePump with input of size 46 for LOIs [2022-11-23 15:33:19,497 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-23 15:33:28,715 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '17293#(and (= |timeShift___utac_acc__Specification5_spec__3_~tmp~0#1| |timeShift_getWaterLevel_#res#1|) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~0#1| 0)) (<= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~0#1| 1) (= ~pumpRunning~0 |timeShift___utac_acc__Specification5_spec__3_~tmp___0~0#1|) (= |timeShift_getWaterLevel_~retValue_acc~5#1| |timeShift_getWaterLevel_#res#1|) (= ~head~0.offset 0) (= 1 ~systemActive~0) (= |old(~pumpRunning~0)| 0) (= |timeShift_getWaterLevel_~retValue_acc~5#1| ~waterLevel~0) (<= 0 ~methaneLevelCritical~0) (<= 0 ~pumpRunning~0) (= ~head~0.base 0) (= |#NULL.offset| 0) (<= ~methaneLevelCritical~0 2147483647) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp~0#1| 2)) (<= |timeShift_getWaterLevel_~retValue_acc~5#1| 2147483647) (= ~switchedOnBeforeTS~0 0) (<= 0 |#StackHeapBarrier|) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0) (<= 0 (+ |timeShift___utac_acc__Specification5_spec__3_~tmp~0#1| 2147483648)))' at error location [2022-11-23 15:33:28,716 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-23 15:33:28,716 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-23 15:33:28,716 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [16, 13, 13] total 26 [2022-11-23 15:33:28,717 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [144202023] [2022-11-23 15:33:28,717 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-23 15:33:28,717 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 26 states [2022-11-23 15:33:28,718 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 15:33:28,718 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 26 interpolants. [2022-11-23 15:33:28,719 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=346, Invalid=4076, Unknown=0, NotChecked=0, Total=4422 [2022-11-23 15:33:28,720 INFO L87 Difference]: Start difference. First operand 1161 states and 1444 transitions. Second operand has 26 states, 18 states have (on average 6.222222222222222) internal successors, (112), 20 states have internal predecessors, (112), 6 states have call successors, (28), 5 states have call predecessors, (28), 14 states have return successors, (33), 12 states have call predecessors, (33), 6 states have call successors, (33) [2022-11-23 15:33:33,242 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 15:33:33,242 INFO L93 Difference]: Finished difference Result 3440 states and 4903 transitions. [2022-11-23 15:33:33,243 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 61 states. [2022-11-23 15:33:33,243 INFO L78 Accepts]: Start accepts. Automaton has has 26 states, 18 states have (on average 6.222222222222222) internal successors, (112), 20 states have internal predecessors, (112), 6 states have call successors, (28), 5 states have call predecessors, (28), 14 states have return successors, (33), 12 states have call predecessors, (33), 6 states have call successors, (33) Word has length 116 [2022-11-23 15:33:33,244 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 15:33:33,261 INFO L225 Difference]: With dead ends: 3440 [2022-11-23 15:33:33,261 INFO L226 Difference]: Without dead ends: 2712 [2022-11-23 15:33:33,268 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 459 GetRequests, 330 SyntacticMatches, 5 SemanticMatches, 124 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 5630 ImplicationChecksByTransitivity, 11.8s TimeCoverageRelationStatistics Valid=1255, Invalid=14495, Unknown=0, NotChecked=0, Total=15750 [2022-11-23 15:33:33,269 INFO L413 NwaCegarLoop]: 88 mSDtfsCounter, 994 mSDsluCounter, 867 mSDsCounter, 0 mSdLazyCounter, 2085 mSolverCounterSat, 679 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 994 SdHoareTripleChecker+Valid, 955 SdHoareTripleChecker+Invalid, 2764 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 679 IncrementalHoareTripleChecker+Valid, 2085 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.8s IncrementalHoareTripleChecker+Time [2022-11-23 15:33:33,269 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [994 Valid, 955 Invalid, 2764 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [679 Valid, 2085 Invalid, 0 Unknown, 0 Unchecked, 1.8s Time] [2022-11-23 15:33:33,273 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 2712 states. [2022-11-23 15:33:33,510 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 2712 to 1607. [2022-11-23 15:33:33,513 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1607 states, 1094 states have (on average 1.2212065813528337) internal successors, (1336), 1173 states have internal predecessors, (1336), 260 states have call successors, (260), 230 states have call predecessors, (260), 252 states have return successors, (408), 254 states have call predecessors, (408), 260 states have call successors, (408) [2022-11-23 15:33:33,521 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1607 states to 1607 states and 2004 transitions. [2022-11-23 15:33:33,522 INFO L78 Accepts]: Start accepts. Automaton has 1607 states and 2004 transitions. Word has length 116 [2022-11-23 15:33:33,522 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 15:33:33,523 INFO L495 AbstractCegarLoop]: Abstraction has 1607 states and 2004 transitions. [2022-11-23 15:33:33,523 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 26 states, 18 states have (on average 6.222222222222222) internal successors, (112), 20 states have internal predecessors, (112), 6 states have call successors, (28), 5 states have call predecessors, (28), 14 states have return successors, (33), 12 states have call predecessors, (33), 6 states have call successors, (33) [2022-11-23 15:33:33,523 INFO L276 IsEmpty]: Start isEmpty. Operand 1607 states and 2004 transitions. [2022-11-23 15:33:33,527 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 117 [2022-11-23 15:33:33,527 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 15:33:33,528 INFO L195 NwaCegarLoop]: trace histogram [5, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 15:33:33,540 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_50916348-08bc-40ee-b755-fcffd5ec5f47/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Forceful destruction successful, exit code 0 [2022-11-23 15:33:33,734 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 4 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_50916348-08bc-40ee-b755-fcffd5ec5f47/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable10 [2022-11-23 15:33:33,735 INFO L420 AbstractCegarLoop]: === Iteration 12 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 15:33:33,735 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 15:33:33,735 INFO L85 PathProgramCache]: Analyzing trace with hash -809174963, now seen corresponding path program 2 times [2022-11-23 15:33:33,735 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 15:33:33,736 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1692105034] [2022-11-23 15:33:33,736 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 15:33:33,736 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 15:33:33,754 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 15:33:34,141 INFO L134 CoverageAnalysis]: Checked inductivity of 92 backedges. 36 proven. 27 refuted. 0 times theorem prover too weak. 29 trivial. 0 not checked. [2022-11-23 15:33:34,141 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 15:33:34,141 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1692105034] [2022-11-23 15:33:34,142 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1692105034] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-23 15:33:34,142 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [506953205] [2022-11-23 15:33:34,142 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 [2022-11-23 15:33:34,142 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-23 15:33:34,142 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_50916348-08bc-40ee-b755-fcffd5ec5f47/bin/utaipan-Q6hlc19bkW/z3 [2022-11-23 15:33:34,147 INFO L229 MonitoredProcess]: Starting monitored process 5 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_50916348-08bc-40ee-b755-fcffd5ec5f47/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-23 15:33:34,167 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_50916348-08bc-40ee-b755-fcffd5ec5f47/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Waiting until timeout for monitored process [2022-11-23 15:33:34,249 INFO L228 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST2 issued 2 check-sat command(s) [2022-11-23 15:33:34,249 INFO L229 tOrderPrioritization]: Conjunction of SSA is unsat [2022-11-23 15:33:34,251 INFO L263 TraceCheckSpWp]: Trace formula consists of 294 conjuncts, 31 conjunts are in the unsatisfiable core [2022-11-23 15:33:34,255 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-23 15:33:34,644 INFO L134 CoverageAnalysis]: Checked inductivity of 92 backedges. 0 proven. 56 refuted. 0 times theorem prover too weak. 36 trivial. 0 not checked. [2022-11-23 15:33:34,644 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-23 15:33:35,287 INFO L134 CoverageAnalysis]: Checked inductivity of 92 backedges. 33 proven. 6 refuted. 0 times theorem prover too weak. 53 trivial. 0 not checked. [2022-11-23 15:33:35,287 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [506953205] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-23 15:33:35,287 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1255504434] [2022-11-23 15:33:35,295 INFO L159 IcfgInterpreter]: Started Sifa with 55 locations of interest [2022-11-23 15:33:35,295 INFO L166 IcfgInterpreter]: Building call graph [2022-11-23 15:33:35,296 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-23 15:33:35,296 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-23 15:33:35,296 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-23 15:33:38,236 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 36 for LOIs [2022-11-23 15:33:38,240 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 46 for LOIs [2022-11-23 15:33:38,885 INFO L197 IcfgInterpreter]: Interpreting procedure isPumpRunning with input of size 38 for LOIs [2022-11-23 15:33:38,889 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__methaneQuery with input of size 45 for LOIs [2022-11-23 15:33:38,980 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 45 for LOIs [2022-11-23 15:33:39,122 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneAlarm with input of size 44 for LOIs [2022-11-23 15:33:39,128 INFO L197 IcfgInterpreter]: Interpreting procedure changeMethaneLevel with input of size 43 for LOIs [2022-11-23 15:33:39,134 INFO L197 IcfgInterpreter]: Interpreting procedure deactivatePump with input of size 46 for LOIs [2022-11-23 15:33:39,139 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-23 15:33:47,570 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '25745#(and (= |timeShift___utac_acc__Specification5_spec__3_~tmp~0#1| |timeShift_getWaterLevel_#res#1|) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~0#1| 0)) (<= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~0#1| 1) (= ~pumpRunning~0 |timeShift___utac_acc__Specification5_spec__3_~tmp___0~0#1|) (= |timeShift_getWaterLevel_~retValue_acc~5#1| |timeShift_getWaterLevel_#res#1|) (= ~head~0.offset 0) (= 1 ~systemActive~0) (= |old(~pumpRunning~0)| 0) (= |timeShift_getWaterLevel_~retValue_acc~5#1| ~waterLevel~0) (<= 0 ~methaneLevelCritical~0) (<= 0 ~pumpRunning~0) (= ~head~0.base 0) (= |#NULL.offset| 0) (<= ~methaneLevelCritical~0 2147483647) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp~0#1| 2)) (<= |timeShift_getWaterLevel_~retValue_acc~5#1| 2147483647) (= ~switchedOnBeforeTS~0 0) (<= 0 |#StackHeapBarrier|) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0) (<= 0 (+ |timeShift___utac_acc__Specification5_spec__3_~tmp~0#1| 2147483648)))' at error location [2022-11-23 15:33:47,570 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-23 15:33:47,570 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-23 15:33:47,570 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [12, 12, 13] total 28 [2022-11-23 15:33:47,571 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1554122194] [2022-11-23 15:33:47,571 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-23 15:33:47,572 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 28 states [2022-11-23 15:33:47,572 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 15:33:47,572 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 28 interpolants. [2022-11-23 15:33:47,574 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=348, Invalid=4344, Unknown=0, NotChecked=0, Total=4692 [2022-11-23 15:33:47,574 INFO L87 Difference]: Start difference. First operand 1607 states and 2004 transitions. Second operand has 28 states, 20 states have (on average 8.05) internal successors, (161), 21 states have internal predecessors, (161), 11 states have call successors, (46), 10 states have call predecessors, (46), 14 states have return successors, (44), 16 states have call predecessors, (44), 11 states have call successors, (44) [2022-11-23 15:33:51,030 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 15:33:51,030 INFO L93 Difference]: Finished difference Result 3829 states and 4779 transitions. [2022-11-23 15:33:51,031 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 50 states. [2022-11-23 15:33:51,031 INFO L78 Accepts]: Start accepts. Automaton has has 28 states, 20 states have (on average 8.05) internal successors, (161), 21 states have internal predecessors, (161), 11 states have call successors, (46), 10 states have call predecessors, (46), 14 states have return successors, (44), 16 states have call predecessors, (44), 11 states have call successors, (44) Word has length 116 [2022-11-23 15:33:51,032 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 15:33:51,046 INFO L225 Difference]: With dead ends: 3829 [2022-11-23 15:33:51,046 INFO L226 Difference]: Without dead ends: 2374 [2022-11-23 15:33:51,056 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 418 GetRequests, 301 SyntacticMatches, 5 SemanticMatches, 112 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4497 ImplicationChecksByTransitivity, 10.0s TimeCoverageRelationStatistics Valid=1020, Invalid=11862, Unknown=0, NotChecked=0, Total=12882 [2022-11-23 15:33:51,057 INFO L413 NwaCegarLoop]: 48 mSDtfsCounter, 872 mSDsluCounter, 466 mSDsCounter, 0 mSdLazyCounter, 2423 mSolverCounterSat, 539 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 873 SdHoareTripleChecker+Valid, 514 SdHoareTripleChecker+Invalid, 2962 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 539 IncrementalHoareTripleChecker+Valid, 2423 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.7s IncrementalHoareTripleChecker+Time [2022-11-23 15:33:51,057 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [873 Valid, 514 Invalid, 2962 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [539 Valid, 2423 Invalid, 0 Unknown, 0 Unchecked, 1.7s Time] [2022-11-23 15:33:51,061 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 2374 states. [2022-11-23 15:33:51,353 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 2374 to 2115. [2022-11-23 15:33:51,358 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2115 states, 1437 states have (on average 1.2073764787752261) internal successors, (1735), 1541 states have internal predecessors, (1735), 339 states have call successors, (339), 312 states have call predecessors, (339), 338 states have return successors, (463), 336 states have call predecessors, (463), 339 states have call successors, (463) [2022-11-23 15:33:51,367 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2115 states to 2115 states and 2537 transitions. [2022-11-23 15:33:51,368 INFO L78 Accepts]: Start accepts. Automaton has 2115 states and 2537 transitions. Word has length 116 [2022-11-23 15:33:51,368 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 15:33:51,369 INFO L495 AbstractCegarLoop]: Abstraction has 2115 states and 2537 transitions. [2022-11-23 15:33:51,369 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 28 states, 20 states have (on average 8.05) internal successors, (161), 21 states have internal predecessors, (161), 11 states have call successors, (46), 10 states have call predecessors, (46), 14 states have return successors, (44), 16 states have call predecessors, (44), 11 states have call successors, (44) [2022-11-23 15:33:51,369 INFO L276 IsEmpty]: Start isEmpty. Operand 2115 states and 2537 transitions. [2022-11-23 15:33:51,374 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 120 [2022-11-23 15:33:51,375 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 15:33:51,375 INFO L195 NwaCegarLoop]: trace histogram [5, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 15:33:51,387 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_50916348-08bc-40ee-b755-fcffd5ec5f47/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Forceful destruction successful, exit code 0 [2022-11-23 15:33:51,581 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable11,5 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_50916348-08bc-40ee-b755-fcffd5ec5f47/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-23 15:33:51,582 INFO L420 AbstractCegarLoop]: === Iteration 13 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 15:33:51,582 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 15:33:51,582 INFO L85 PathProgramCache]: Analyzing trace with hash -820997447, now seen corresponding path program 3 times [2022-11-23 15:33:51,582 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 15:33:51,582 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1851328756] [2022-11-23 15:33:51,582 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 15:33:51,583 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 15:33:51,602 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 15:33:52,390 INFO L134 CoverageAnalysis]: Checked inductivity of 95 backedges. 45 proven. 17 refuted. 0 times theorem prover too weak. 33 trivial. 0 not checked. [2022-11-23 15:33:52,391 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 15:33:52,391 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1851328756] [2022-11-23 15:33:52,391 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1851328756] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-23 15:33:52,391 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [458942720] [2022-11-23 15:33:52,391 INFO L93 rtionOrderModulation]: Changing assertion order to TERMS_WITH_SMALL_CONSTANTS_FIRST [2022-11-23 15:33:52,391 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-23 15:33:52,391 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_50916348-08bc-40ee-b755-fcffd5ec5f47/bin/utaipan-Q6hlc19bkW/z3 [2022-11-23 15:33:52,393 INFO L229 MonitoredProcess]: Starting monitored process 6 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_50916348-08bc-40ee-b755-fcffd5ec5f47/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-23 15:33:52,419 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_50916348-08bc-40ee-b755-fcffd5ec5f47/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Waiting until timeout for monitored process [2022-11-23 15:33:52,548 INFO L228 tOrderPrioritization]: Assert order TERMS_WITH_SMALL_CONSTANTS_FIRST issued 0 check-sat command(s) [2022-11-23 15:33:52,548 INFO L229 tOrderPrioritization]: Conjunction of SSA is unsat [2022-11-23 15:33:52,552 INFO L263 TraceCheckSpWp]: Trace formula consists of 480 conjuncts, 34 conjunts are in the unsatisfiable core [2022-11-23 15:33:52,557 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-23 15:33:53,145 INFO L134 CoverageAnalysis]: Checked inductivity of 95 backedges. 45 proven. 48 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-23 15:33:53,145 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-23 15:33:54,268 INFO L134 CoverageAnalysis]: Checked inductivity of 95 backedges. 57 proven. 5 refuted. 0 times theorem prover too weak. 33 trivial. 0 not checked. [2022-11-23 15:33:54,268 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [458942720] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-23 15:33:54,268 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1235066392] [2022-11-23 15:33:54,271 INFO L159 IcfgInterpreter]: Started Sifa with 55 locations of interest [2022-11-23 15:33:54,271 INFO L166 IcfgInterpreter]: Building call graph [2022-11-23 15:33:54,272 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-23 15:33:54,272 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-23 15:33:54,273 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-23 15:33:57,562 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 36 for LOIs [2022-11-23 15:33:57,568 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 46 for LOIs [2022-11-23 15:33:58,302 INFO L197 IcfgInterpreter]: Interpreting procedure isPumpRunning with input of size 38 for LOIs [2022-11-23 15:33:58,310 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__methaneQuery with input of size 45 for LOIs [2022-11-23 15:33:58,426 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 45 for LOIs [2022-11-23 15:33:58,642 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneAlarm with input of size 44 for LOIs [2022-11-23 15:33:58,651 INFO L197 IcfgInterpreter]: Interpreting procedure changeMethaneLevel with input of size 43 for LOIs [2022-11-23 15:33:58,659 INFO L197 IcfgInterpreter]: Interpreting procedure deactivatePump with input of size 30 for LOIs [2022-11-23 15:33:58,663 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-23 15:34:06,741 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '35600#(and (= |timeShift___utac_acc__Specification5_spec__3_~tmp~0#1| |timeShift_getWaterLevel_#res#1|) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~0#1| 0)) (<= 0 |old(~pumpRunning~0)|) (<= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~0#1| 1) (= ~pumpRunning~0 |timeShift___utac_acc__Specification5_spec__3_~tmp___0~0#1|) (= |timeShift_getWaterLevel_~retValue_acc~5#1| |timeShift_getWaterLevel_#res#1|) (= ~head~0.offset 0) (<= |old(~pumpRunning~0)| 2147483647) (= 1 ~systemActive~0) (= |timeShift_getWaterLevel_~retValue_acc~5#1| ~waterLevel~0) (<= 0 ~methaneLevelCritical~0) (<= 0 ~pumpRunning~0) (= ~head~0.base 0) (= |#NULL.offset| 0) (<= ~methaneLevelCritical~0 2147483647) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp~0#1| 2)) (<= |timeShift_getWaterLevel_~retValue_acc~5#1| 2147483647) (= ~switchedOnBeforeTS~0 0) (<= 0 |#StackHeapBarrier|) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0) (<= 0 (+ |timeShift___utac_acc__Specification5_spec__3_~tmp~0#1| 2147483648)))' at error location [2022-11-23 15:34:06,741 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-23 15:34:06,741 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-23 15:34:06,741 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [13, 13, 11] total 27 [2022-11-23 15:34:06,742 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1834408240] [2022-11-23 15:34:06,742 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-23 15:34:06,743 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 27 states [2022-11-23 15:34:06,743 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 15:34:06,743 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 27 interpolants. [2022-11-23 15:34:06,744 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=448, Invalid=4108, Unknown=0, NotChecked=0, Total=4556 [2022-11-23 15:34:06,745 INFO L87 Difference]: Start difference. First operand 2115 states and 2537 transitions. Second operand has 27 states, 26 states have (on average 6.115384615384615) internal successors, (159), 27 states have internal predecessors, (159), 15 states have call successors, (43), 9 states have call predecessors, (43), 13 states have return successors, (43), 15 states have call predecessors, (43), 15 states have call successors, (43) [2022-11-23 15:34:12,722 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 15:34:12,723 INFO L93 Difference]: Finished difference Result 5149 states and 6469 transitions. [2022-11-23 15:34:12,723 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 76 states. [2022-11-23 15:34:12,724 INFO L78 Accepts]: Start accepts. Automaton has has 27 states, 26 states have (on average 6.115384615384615) internal successors, (159), 27 states have internal predecessors, (159), 15 states have call successors, (43), 9 states have call predecessors, (43), 13 states have return successors, (43), 15 states have call predecessors, (43), 15 states have call successors, (43) Word has length 119 [2022-11-23 15:34:12,724 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 15:34:12,726 INFO L225 Difference]: With dead ends: 5149 [2022-11-23 15:34:12,726 INFO L226 Difference]: Without dead ends: 0 [2022-11-23 15:34:12,743 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 485 GetRequests, 334 SyntacticMatches, 13 SemanticMatches, 138 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 8078 ImplicationChecksByTransitivity, 11.0s TimeCoverageRelationStatistics Valid=2134, Invalid=17326, Unknown=0, NotChecked=0, Total=19460 [2022-11-23 15:34:12,744 INFO L413 NwaCegarLoop]: 185 mSDtfsCounter, 1955 mSDsluCounter, 1236 mSDsCounter, 0 mSdLazyCounter, 2890 mSolverCounterSat, 1492 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 2.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1956 SdHoareTripleChecker+Valid, 1421 SdHoareTripleChecker+Invalid, 4382 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1492 IncrementalHoareTripleChecker+Valid, 2890 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 2.7s IncrementalHoareTripleChecker+Time [2022-11-23 15:34:12,744 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [1956 Valid, 1421 Invalid, 4382 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1492 Valid, 2890 Invalid, 0 Unknown, 0 Unchecked, 2.7s Time] [2022-11-23 15:34:12,745 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-11-23 15:34:12,745 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-11-23 15:34:12,745 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-23 15:34:12,746 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-11-23 15:34:12,747 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 119 [2022-11-23 15:34:12,747 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 15:34:12,747 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-11-23 15:34:12,748 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 27 states, 26 states have (on average 6.115384615384615) internal successors, (159), 27 states have internal predecessors, (159), 15 states have call successors, (43), 9 states have call predecessors, (43), 13 states have return successors, (43), 15 states have call predecessors, (43), 15 states have call successors, (43) [2022-11-23 15:34:12,748 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-11-23 15:34:12,748 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-11-23 15:34:12,752 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-11-23 15:34:12,759 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_50916348-08bc-40ee-b755-fcffd5ec5f47/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Forceful destruction successful, exit code 0 [2022-11-23 15:34:12,959 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 6 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_50916348-08bc-40ee-b755-fcffd5ec5f47/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable12 [2022-11-23 15:34:12,961 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-11-23 15:34:19,070 WARN L233 SmtUtils]: Spent 5.04s on a formula simplification. DAG size of input: 252 DAG size of output: 235 (called from [L 182] de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.HoareAnnotationComposer.or) [2022-11-23 15:34:26,540 WARN L233 SmtUtils]: Spent 6.82s on a formula simplification. DAG size of input: 493 DAG size of output: 451 (called from [L 182] de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.HoareAnnotationComposer.or) [2022-11-23 15:35:36,054 INFO L895 garLoopResultBuilder]: At program point deactivatePumpENTRY(lines 325 332) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse1 (and (not (= ~methaneLevelCritical~0 0)) (not (= ~methaneLevelCritical~0 1)))) (.cse2 (not (= 1 ~systemActive~0)))) (and (or .cse0 .cse1 .cse2 (not (= 2 ~waterLevel~0)) (= |old(~pumpRunning~0)| 0)) (or .cse0 .cse1 .cse2 (not (<= ~waterLevel~0 1)) (= ~switchedOnBeforeTS~0 0) (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|))))) [2022-11-23 15:35:36,054 INFO L899 garLoopResultBuilder]: For program point deactivatePumpEXIT(lines 325 332) no Hoare annotation was computed. [2022-11-23 15:35:36,055 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 215 221) no Hoare annotation was computed. [2022-11-23 15:35:36,055 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 215 221) the Hoare annotation is: true [2022-11-23 15:35:36,055 INFO L895 garLoopResultBuilder]: At program point L263(line 263) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse4 (not (= ~methaneLevelCritical~0 0))) (.cse2 (not (<= ~waterLevel~0 2))) (.cse3 (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|)))) (and (or .cse0 .cse1 .cse2 (not (= ~methaneLevelCritical~0 1)) .cse3) (or .cse0 .cse1 .cse4 .cse2 .cse3) (or .cse1 .cse4 (not (= |old(~pumpRunning~0)| 1)) .cse2 .cse3 (= ~pumpRunning~0 1)))) [2022-11-23 15:35:36,056 INFO L895 garLoopResultBuilder]: At program point L259(line 259) the Hoare annotation is: (let ((.cse4 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (= ~methaneLevelCritical~0 0))) (.cse2 (not (<= ~waterLevel~0 2))) (.cse3 (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|)))) (and (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 .cse1 (not (= |old(~pumpRunning~0)| 1)) .cse2 .cse3) (or .cse4 .cse0 .cse2 (not (= ~methaneLevelCritical~0 1)) .cse3) (or .cse4 .cse0 .cse1 .cse2 .cse3))) [2022-11-23 15:35:36,056 INFO L899 garLoopResultBuilder]: For program point L257(lines 257 265) no Hoare annotation was computed. [2022-11-23 15:35:36,056 INFO L895 garLoopResultBuilder]: At program point L253(lines 253 270) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse4 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not (= ~methaneLevelCritical~0 0))) (.cse3 (not (<= ~waterLevel~0 2))) (.cse5 (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (or .cse0 .cse1 .cse3 (not (= ~methaneLevelCritical~0 1)) .cse4 .cse5) (or .cse1 .cse2 (not (= |old(~pumpRunning~0)| 1)) .cse3 .cse5 (= ~pumpRunning~0 1)))) [2022-11-23 15:35:36,056 INFO L895 garLoopResultBuilder]: At program point processEnvironment__wrappee__methaneQueryENTRY(lines 249 273) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse4 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not (= ~methaneLevelCritical~0 0))) (.cse3 (not (<= ~waterLevel~0 2))) (.cse5 (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (or .cse0 .cse1 .cse3 (not (= ~methaneLevelCritical~0 1)) .cse4 .cse5) (or .cse1 .cse2 (not (= |old(~pumpRunning~0)| 1)) .cse3 .cse5 (= ~pumpRunning~0 1)))) [2022-11-23 15:35:36,057 INFO L895 garLoopResultBuilder]: At program point L268(line 268) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse4 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not (= ~methaneLevelCritical~0 0))) (.cse3 (not (<= ~waterLevel~0 2))) (.cse5 (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (or .cse0 .cse1 .cse3 (not (= ~methaneLevelCritical~0 1)) .cse4 .cse5) (or .cse1 .cse2 (not (= |old(~pumpRunning~0)| 1)) .cse3 .cse5))) [2022-11-23 15:35:36,057 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__methaneQueryEXIT(lines 249 273) no Hoare annotation was computed. [2022-11-23 15:35:36,057 INFO L899 garLoopResultBuilder]: For program point L268-1(lines 249 273) no Hoare annotation was computed. [2022-11-23 15:35:36,057 INFO L899 garLoopResultBuilder]: For program point isPumpRunningEXIT(lines 344 352) no Hoare annotation was computed. [2022-11-23 15:35:36,060 INFO L902 garLoopResultBuilder]: At program point isPumpRunningENTRY(lines 344 352) the Hoare annotation is: true [2022-11-23 15:35:36,060 INFO L895 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 477 488) the Hoare annotation is: (let ((.cse6 (not (= |old(~methaneLevelCritical~0)| 0)))) (let ((.cse0 (not (= ~pumpRunning~0 0))) (.cse1 (and .cse6 (not (= |old(~methaneLevelCritical~0)| 1)))) (.cse5 (not (= 1 ~systemActive~0))) (.cse2 (= |old(~methaneLevelCritical~0)| ~methaneLevelCritical~0)) (.cse3 (not (<= ~waterLevel~0 2))) (.cse4 (not (= ~pumpRunning~0 ~switchedOnBeforeTS~0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 (not (= 0 ~systemActive~0))) (or .cse0 .cse5 .cse1 (not (= 2 ~waterLevel~0)) .cse2) (or .cse0 .cse5 .cse1 .cse2 (not (<= ~waterLevel~0 1))) (or .cse6 .cse5 .cse2 (not (<= 2 ~waterLevel~0)) (not (= ~pumpRunning~0 1)) .cse3) (or .cse6 .cse5 .cse2 .cse3 .cse4)))) [2022-11-23 15:35:36,060 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 477 488) no Hoare annotation was computed. [2022-11-23 15:35:36,060 INFO L899 garLoopResultBuilder]: For program point L576(line 576) no Hoare annotation was computed. [2022-11-23 15:35:36,061 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 555 584) no Hoare annotation was computed. [2022-11-23 15:35:36,061 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 555 584) the Hoare annotation is: true [2022-11-23 15:35:36,061 INFO L899 garLoopResultBuilder]: For program point L569(lines 569 573) no Hoare annotation was computed. [2022-11-23 15:35:36,061 INFO L902 garLoopResultBuilder]: At program point L569-1(lines 569 573) the Hoare annotation is: true [2022-11-23 15:35:36,062 INFO L902 garLoopResultBuilder]: At program point L565-2(lines 565 579) the Hoare annotation is: true [2022-11-23 15:35:36,062 INFO L902 garLoopResultBuilder]: At program point L561(line 561) the Hoare annotation is: true [2022-11-23 15:35:36,062 INFO L899 garLoopResultBuilder]: For program point L561-1(line 561) no Hoare annotation was computed. [2022-11-23 15:35:36,062 INFO L902 garLoopResultBuilder]: At program point L580(lines 555 584) the Hoare annotation is: true [2022-11-23 15:35:36,063 INFO L899 garLoopResultBuilder]: For program point L283(lines 283 291) no Hoare annotation was computed. [2022-11-23 15:35:36,063 INFO L899 garLoopResultBuilder]: For program point L279(lines 279 296) no Hoare annotation was computed. [2022-11-23 15:35:36,063 INFO L899 garLoopResultBuilder]: For program point L85(lines 85 91) no Hoare annotation was computed. [2022-11-23 15:35:36,063 INFO L895 garLoopResultBuilder]: At program point L82(line 82) the Hoare annotation is: (let ((.cse10 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse5 (not (= |old(~pumpRunning~0)| 0))) (.cse9 (<= ~waterLevel~0 1)) (.cse21 (= ~methaneLevelCritical~0 1)) (.cse20 (= 1 ~systemActive~0)) (.cse19 (not (= ~switchedOnBeforeTS~0 0))) (.cse7 (= ~pumpRunning~0 0)) (.cse8 (= |timeShift___utac_acc__Specification5_spec__3_~tmp~0#1| ~waterLevel~0)) (.cse22 (let ((.cse24 (< 0 |old(~waterLevel~0)|))) (or (and (not .cse24) .cse10) (and (= |old(~waterLevel~0)| (+ ~waterLevel~0 1)) .cse24)))) (.cse11 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse23 (= |timeShift_processEnvironment_~tmp~4#1| ~methaneLevelCritical~0))) (let ((.cse0 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse13 (and .cse8 .cse22 .cse11 .cse23 (= ~pumpRunning~0 1))) (.cse14 (not (= |old(~pumpRunning~0)| 1))) (.cse15 (and .cse19 .cse7 .cse8 .cse22 .cse23)) (.cse1 (not (<= |old(~waterLevel~0)| 1))) (.cse18 (and .cse7 .cse8 .cse10 .cse11)) (.cse6 (not (= ~methaneLevelCritical~0 0))) (.cse12 (not (<= |old(~waterLevel~0)| 2))) (.cse17 (not (= 0 ~systemActive~0))) (.cse16 (not (<= 2 |old(~waterLevel~0)|))) (.cse2 (not .cse20)) (.cse3 (not .cse21)) (.cse4 (and .cse19 .cse5 .cse7 .cse8 .cse9 .cse20 .cse21 .cse22 .cse23))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 (= |old(~switchedOnBeforeTS~0)| 0)) (or .cse5 .cse2 .cse6 (and .cse7 .cse8 .cse9 .cse10 .cse11) .cse12) (or .cse13 .cse2 .cse6 .cse14 .cse12 .cse15 .cse16) (or .cse0 .cse13 .cse2 .cse6 .cse14 .cse12 .cse15) (or .cse5 .cse3 .cse12 .cse17 .cse16) (or .cse5 .cse3 .cse12 .cse17 .cse18) (or .cse1 .cse5 .cse2 .cse3 .cse18) (or .cse1 .cse5 .cse6 .cse17 .cse18) (or .cse5 .cse6 .cse12 .cse17 .cse16) (or .cse2 .cse3 (not (= |old(~waterLevel~0)| 2)) .cse4))))) [2022-11-23 15:35:36,064 INFO L899 garLoopResultBuilder]: For program point L82-1(line 82) no Hoare annotation was computed. [2022-11-23 15:35:36,064 INFO L895 garLoopResultBuilder]: At program point L202-1(lines 202 208) the Hoare annotation is: (let ((.cse9 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse13 (= ~pumpRunning~0 1)) (.cse17 (let ((.cse20 (< 0 |old(~waterLevel~0)|))) (or (and (not .cse20) .cse9) (and (= |old(~waterLevel~0)| (+ ~waterLevel~0 1)) .cse20)))) (.cse19 (= |timeShift_processEnvironment_~tmp~4#1| ~methaneLevelCritical~0)) (.cse2 (= ~pumpRunning~0 0)) (.cse18 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse11 (= |old(~pumpRunning~0)| 0))) (let ((.cse12 (not (<= 2 |old(~waterLevel~0)|))) (.cse6 (not (= ~methaneLevelCritical~0 1))) (.cse1 (not .cse11)) (.cse5 (and .cse2 .cse9 .cse18)) (.cse7 (not (<= |old(~waterLevel~0)| 2))) (.cse8 (not (= 0 ~systemActive~0))) (.cse10 (and (not (= ~switchedOnBeforeTS~0 0)) .cse2 .cse17 .cse19)) (.cse14 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse0 (not (<= |old(~waterLevel~0)| 1))) (.cse3 (not (= 1 ~systemActive~0))) (.cse4 (not (= ~methaneLevelCritical~0 0))) (.cse15 (not (= |old(~pumpRunning~0)| 1))) (.cse16 (and .cse17 .cse18 .cse19 .cse13))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse1 .cse5 .cse6 .cse7 .cse8) (or .cse1 (and (= 2 ~waterLevel~0) .cse9) .cse3 .cse5 .cse6 .cse7) (or .cse10 .cse3 .cse11 .cse6 .cse7 .cse12) (or .cse1 .cse3 .cse5 .cse4 .cse7 (and .cse9 .cse13)) (or .cse10 .cse14 .cse0 .cse3 .cse6 (= |old(~switchedOnBeforeTS~0)| 0)) (or .cse10 .cse3 .cse4 .cse15 .cse16 .cse7 .cse12) (or .cse2 .cse3 .cse6 (not (= |old(~waterLevel~0)| 2))) (or .cse1 .cse5 .cse4 .cse7 .cse8) (or .cse10 .cse14 .cse0 .cse3 .cse4 .cse15 .cse16))))) [2022-11-23 15:35:36,064 INFO L895 garLoopResultBuilder]: At program point L289(line 289) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse10 (not (= 0 ~systemActive~0))) (.cse11 (not (<= 2 |old(~waterLevel~0)|)))) (let ((.cse5 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse4 (not (= ~methaneLevelCritical~0 0))) (.cse6 (not (= |old(~pumpRunning~0)| 1))) (.cse7 (and (let ((.cse12 (< 0 |old(~waterLevel~0)|))) (or (and (not .cse12) (= |old(~waterLevel~0)| ~waterLevel~0)) (and (= |old(~waterLevel~0)| (+ ~waterLevel~0 1)) .cse12))) (= ~pumpRunning~0 ~switchedOnBeforeTS~0) (= |timeShift_processEnvironment_~tmp~4#1| ~methaneLevelCritical~0) (= ~pumpRunning~0 1))) (.cse9 (and (or .cse0 .cse10 (= |old(~switchedOnBeforeTS~0)| 0)) (or .cse0 .cse10 .cse11))) (.cse1 (not (= 1 ~systemActive~0))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse8 (not (<= |old(~waterLevel~0)| 1))) (.cse2 (not (= ~methaneLevelCritical~0 1)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse0 .cse1 .cse4 .cse3) (or .cse5 .cse1 .cse4 .cse6 .cse7 .cse3) (or .cse5 .cse8 .cse1 .cse2) (or .cse9 .cse4 .cse3) (or .cse8 .cse0 .cse4 .cse10) (or .cse1 .cse4 .cse6 .cse7 .cse3 .cse11) (or .cse9 .cse2 .cse3) (or .cse1 .cse2 .cse3 .cse11) (or .cse8 .cse0 .cse2 .cse10)))) [2022-11-23 15:35:36,065 INFO L895 garLoopResultBuilder]: At program point L285(line 285) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse7 (not (= 0 ~systemActive~0)))) (let ((.cse5 (and (or .cse0 .cse7 (= |old(~switchedOnBeforeTS~0)| 0)) (or .cse0 .cse7 (not (<= 2 |old(~waterLevel~0)|))))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse8 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse4 (not (= ~methaneLevelCritical~0 0))) (.cse15 (not (= |old(~pumpRunning~0)| 1))) (.cse6 (not (<= |old(~waterLevel~0)| 1))) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not (= ~methaneLevelCritical~0 1))) (.cse16 (not (= |old(~waterLevel~0)| 2))) (.cse9 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse10 (not (= ~pumpRunning~0 0))) (.cse11 (= |old(~waterLevel~0)| (+ ~waterLevel~0 1))) (.cse12 (< 0 |old(~waterLevel~0)|)) (.cse13 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse14 (= |timeShift_processEnvironment_~tmp~4#1| ~methaneLevelCritical~0))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse0 .cse1 .cse4 .cse3) (or .cse5 .cse4 .cse3) (or .cse6 .cse0 .cse4 .cse7) (or .cse5 .cse2 .cse3) (or .cse8 .cse6 .cse1 (and .cse9 .cse10 (<= ~waterLevel~0 0) (or (and .cse11 .cse12) (= |old(~waterLevel~0)| ~waterLevel~0)) .cse13 .cse7 .cse14) .cse2) (or .cse8 .cse6 .cse1 .cse4 .cse15) (or .cse1 .cse4 .cse15 .cse16) (or .cse6 .cse0 .cse2 .cse7) (or .cse1 .cse2 .cse16 (and .cse9 .cse10 .cse11 .cse12 .cse13 .cse7 .cse14))))) [2022-11-23 15:35:36,065 INFO L895 garLoopResultBuilder]: At program point L281(line 281) the Hoare annotation is: (let ((.cse17 (< 0 |old(~waterLevel~0)|))) (let ((.cse16 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse15 (and (= |old(~waterLevel~0)| (+ ~waterLevel~0 1)) .cse17))) (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse10 (not (= 0 ~systemActive~0))) (.cse7 (not (<= 2 |old(~waterLevel~0)|))) (.cse12 (or (and (not .cse17) .cse16) .cse15)) (.cse13 (= ~pumpRunning~0 ~switchedOnBeforeTS~0))) (let ((.cse6 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse12 .cse13)) (.cse8 (and (or .cse0 .cse10 (= |old(~switchedOnBeforeTS~0)| 0)) (or .cse0 .cse10 .cse7))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse2 (not (= ~methaneLevelCritical~0 1))) (.cse5 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse9 (not (<= |old(~waterLevel~0)| 1))) (.cse1 (not (= 1 ~systemActive~0))) (.cse4 (not (= ~methaneLevelCritical~0 0))) (.cse11 (not (= |old(~pumpRunning~0)| 1))) (.cse14 (= ~pumpRunning~0 1))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse0 .cse1 .cse4 .cse3) (or .cse5 .cse1 .cse6 .cse2 .cse3) (or .cse1 .cse6 .cse2 .cse3 .cse7) (or .cse8 .cse4 .cse3) (or .cse9 .cse0 .cse4 .cse10) (or .cse1 .cse4 .cse11 (not (= |old(~waterLevel~0)| 2)) (and .cse12 .cse13 .cse14)) (or .cse8 .cse2 .cse3) (or .cse9 .cse0 .cse2 .cse10) (or .cse5 .cse9 .cse1 .cse4 .cse11 (and (<= ~waterLevel~0 0) (or .cse15 .cse16) .cse13 .cse14))))))) [2022-11-23 15:35:36,065 INFO L899 garLoopResultBuilder]: For program point L281-1(line 281) no Hoare annotation was computed. [2022-11-23 15:35:36,065 INFO L895 garLoopResultBuilder]: At program point L294(line 294) the Hoare annotation is: (let ((.cse19 (= |old(~pumpRunning~0)| 0))) (let ((.cse14 (= ~pumpRunning~0 0)) (.cse17 (= 1 ~systemActive~0)) (.cse18 (= ~methaneLevelCritical~0 1)) (.cse15 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse16 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse10 (= |old(~switchedOnBeforeTS~0)| 0)) (.cse0 (not .cse19)) (.cse8 (not (= 0 ~systemActive~0)))) (let ((.cse5 (and (or .cse0 .cse8 .cse10) (or .cse0 .cse8 (not (<= 2 |old(~waterLevel~0)|))))) (.cse4 (not (<= |old(~waterLevel~0)| 2))) (.cse2 (and .cse14 .cse17 .cse19 .cse18 .cse15 .cse16)) (.cse9 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse12 (not (= |old(~pumpRunning~0)| 1))) (.cse7 (not (<= |old(~waterLevel~0)| 1))) (.cse3 (not .cse18)) (.cse1 (not .cse17)) (.cse13 (and .cse14 .cse15 .cse16)) (.cse6 (not (= ~methaneLevelCritical~0 0))) (.cse11 (not (= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse5 .cse6 .cse4) (or .cse7 .cse0 .cse6 .cse8) (or .cse9 .cse7 .cse1 .cse3 .cse10) (or .cse5 .cse3 .cse4) (or .cse1 .cse2 .cse3 .cse11) (or .cse9 .cse7 .cse1 .cse6 .cse12) (or .cse7 .cse0 .cse1 .cse13 .cse6) (or .cse1 .cse6 .cse12 .cse11) (or .cse7 .cse0 .cse3 .cse8) (or .cse0 .cse1 .cse13 .cse6 .cse11))))) [2022-11-23 15:35:36,066 INFO L895 garLoopResultBuilder]: At program point L294-1(lines 275 299) the Hoare annotation is: (let ((.cse12 (= |old(~pumpRunning~0)| 0)) (.cse5 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse14 (= ~pumpRunning~0 1)) (.cse19 (let ((.cse22 (< 0 |old(~waterLevel~0)|))) (or (and (not .cse22) .cse5) (and (= |old(~waterLevel~0)| (+ ~waterLevel~0 1)) .cse22)))) (.cse21 (= |timeShift_processEnvironment_~tmp~4#1| ~methaneLevelCritical~0)) (.cse16 (= |old(~switchedOnBeforeTS~0)| 0)) (.cse1 (not .cse12)) (.cse10 (not (= 0 ~systemActive~0))) (.cse13 (not (<= 2 |old(~waterLevel~0)|))) (.cse2 (= ~pumpRunning~0 0)) (.cse20 (= ~pumpRunning~0 ~switchedOnBeforeTS~0))) (let ((.cse6 (and .cse2 .cse5 .cse20)) (.cse9 (and (or .cse1 .cse10 .cse16) (or .cse1 .cse10 .cse13))) (.cse8 (not (<= |old(~waterLevel~0)| 2))) (.cse11 (and (not (= ~switchedOnBeforeTS~0 0)) .cse2 .cse19 .cse21)) (.cse15 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse3 (not (= 1 ~systemActive~0))) (.cse4 (not (= ~methaneLevelCritical~0 0))) (.cse17 (not (= |old(~pumpRunning~0)| 1))) (.cse18 (and .cse19 .cse20 .cse21 .cse14)) (.cse0 (not (<= |old(~waterLevel~0)| 1))) (.cse7 (not (= ~methaneLevelCritical~0 1)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse1 (and (= 2 ~waterLevel~0) .cse5) .cse3 .cse6 .cse7 .cse8) (or .cse9 .cse4 .cse8) (or .cse0 .cse1 .cse4 .cse10) (or .cse11 .cse3 .cse12 .cse7 .cse8 .cse13) (or .cse1 .cse3 .cse6 .cse4 .cse8 (and .cse5 .cse14)) (or .cse11 .cse15 .cse0 .cse3 .cse7 .cse16) (or .cse11 .cse3 .cse4 .cse17 .cse18 .cse8 .cse13) (or .cse2 .cse3 .cse7 (not (= |old(~waterLevel~0)| 2))) (or .cse9 .cse7 .cse8) (or .cse11 .cse15 .cse0 .cse3 .cse4 .cse17 .cse18) (or .cse0 .cse1 .cse7 .cse10))))) [2022-11-23 15:35:36,066 INFO L895 garLoopResultBuilder]: At program point L67(line 67) the Hoare annotation is: (let ((.cse24 (= 0 ~systemActive~0)) (.cse28 (= ~methaneLevelCritical~0 0))) (let ((.cse4 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse1 (not .cse28)) (.cse8 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse14 (not (= ~switchedOnBeforeTS~0 0))) (.cse6 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse27 (<= 2 ~waterLevel~0)) (.cse10 (= |old(~switchedOnBeforeTS~0)| 0)) (.cse12 (not (= |old(~pumpRunning~0)| 0))) (.cse19 (not .cse24)) (.cse25 (not (<= 2 |old(~waterLevel~0)|))) (.cse26 (= ~pumpRunning~0 0)) (.cse7 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse13 (and .cse26 .cse7)) (.cse16 (not (= |old(~waterLevel~0)| 2))) (.cse0 (and (or .cse12 .cse19 .cse10) (or .cse12 .cse19 .cse25))) (.cse3 (and (or (and .cse14 .cse6 .cse24) (and .cse6 .cse27 .cse24)) .cse7)) (.cse18 (and .cse26 .cse7 .cse8)) (.cse11 (not (<= |old(~waterLevel~0)| 1))) (.cse20 (= ~pumpRunning~0 1)) (.cse15 (and .cse28 (not (= |old(~pumpRunning~0)| 1)))) (.cse17 (and .cse12 .cse1)) (.cse5 (not (= 1 ~systemActive~0))) (.cse9 (not (= ~methaneLevelCritical~0 1))) (.cse21 (and .cse6 .cse26 .cse27 .cse19)) (.cse22 (and .cse6 .cse26 .cse8 .cse19)) (.cse23 (and (or .cse4 .cse12 .cse24) (or .cse12 .cse24 .cse25))) (.cse2 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse4 .cse5 (and .cse6 .cse7 .cse8) .cse9 .cse2 .cse10) (or .cse11 .cse12 .cse13 .cse5 .cse9) (or .cse14 .cse12 .cse5 .cse9 .cse2 .cse10) (or .cse11 .cse12 .cse13 .cse5 .cse1) (or .cse4 .cse5 .cse15 .cse16 .cse17 .cse8 .cse10) (or .cse5 (and .cse6 .cse7) .cse9 .cse16) (or .cse4 .cse12 .cse18 .cse1 .cse2 .cse19) (or .cse5 .cse15 .cse1 .cse16 (and .cse7 .cse20)) (or .cse0 .cse9 .cse2 .cse3) (or .cse4 .cse12 .cse18 .cse9 .cse2 .cse19) (or .cse5 .cse1 (and (or .cse21 .cse22) .cse7) .cse23 .cse2) (or .cse4 .cse11 (and .cse7 .cse8 .cse20) .cse5 .cse15 .cse17 .cse10) (or .cse14 .cse12 .cse5 .cse1 .cse2 .cse10) (or .cse5 .cse9 .cse21 .cse22 .cse23 .cse2))))) [2022-11-23 15:35:36,066 INFO L895 garLoopResultBuilder]: At program point L67-1(line 67) the Hoare annotation is: (let ((.cse21 (= ~methaneLevelCritical~0 0)) (.cse20 (= 0 ~systemActive~0))) (let ((.cse3 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse4 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse6 (= |timeShift___utac_acc__Specification5_spec__2_#t~ret4#1| ~pumpRunning~0)) (.cse18 (not .cse20)) (.cse16 (not (= |old(~pumpRunning~0)| 0))) (.cse12 (not .cse21))) (let ((.cse10 (not (<= 2 |old(~waterLevel~0)|))) (.cse1 (not (<= |old(~waterLevel~0)| 1))) (.cse13 (= ~pumpRunning~0 1)) (.cse11 (and .cse21 (not (= |old(~pumpRunning~0)| 1)))) (.cse15 (and .cse16 .cse12)) (.cse19 (and .cse3 .cse4 .cse6 .cse18)) (.cse0 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse2 (not (= 1 ~systemActive~0))) (.cse14 (not (= |old(~waterLevel~0)| 2))) (.cse5 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse8 (= |old(~switchedOnBeforeTS~0)| 0)) (.cse7 (not (= ~methaneLevelCritical~0 1))) (.cse9 (not (<= |old(~waterLevel~0)| 2))) (.cse17 (and (= ~pumpRunning~0 0) .cse4 .cse20 .cse6))) (and (or .cse0 .cse1 .cse2 (and .cse3 .cse4 .cse5 .cse6) .cse7 .cse8) (or (and .cse3 .cse4 .cse6) .cse2 .cse7 .cse9 .cse10) (or .cse2 .cse11 .cse12 (and .cse4 .cse6 .cse13) .cse9 .cse10) (or .cse0 .cse2 .cse11 .cse14 .cse15 .cse5 .cse8) (or .cse16 .cse12 .cse9 .cse17 .cse18) (or .cse0 .cse1 .cse2 (and .cse4 .cse5 .cse6 .cse13) .cse11 .cse15 .cse8) (or .cse16 .cse19 .cse2 .cse7 .cse9) (or .cse16 .cse19 .cse2 .cse12 .cse9) (or .cse0 .cse2 .cse7 .cse14 .cse5 .cse8) (or .cse16 .cse7 .cse9 .cse17 .cse18))))) [2022-11-23 15:35:36,066 INFO L899 garLoopResultBuilder]: For program point L195-2(lines 191 213) no Hoare annotation was computed. [2022-11-23 15:35:36,067 INFO L899 garLoopResultBuilder]: For program point L84(lines 84 94) no Hoare annotation was computed. [2022-11-23 15:35:36,067 INFO L895 garLoopResultBuilder]: At program point L658(line 658) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse8 (not (= 0 ~systemActive~0))) (.cse9 (not (<= 2 |old(~waterLevel~0)|)))) (let ((.cse7 (and (or .cse0 .cse8 (= |old(~switchedOnBeforeTS~0)| 0)) (or .cse0 .cse8 .cse9))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse5 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse1 (not (= 1 ~systemActive~0))) (.cse4 (not (= ~methaneLevelCritical~0 0))) (.cse10 (not (= |old(~pumpRunning~0)| 1))) (.cse6 (not (<= |old(~waterLevel~0)| 1))) (.cse2 (not (= ~methaneLevelCritical~0 1)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse0 .cse1 .cse4 .cse3) (or .cse5 .cse6 .cse1 .cse2) (or .cse7 .cse4 .cse3) (or .cse6 .cse0 .cse4 .cse8) (or .cse7 .cse2 .cse3) (or .cse1 .cse2 .cse3 .cse9) (or .cse5 .cse6 .cse1 .cse4 .cse10) (or .cse1 .cse4 .cse10 (not (= |old(~waterLevel~0)| 2))) (or .cse6 .cse0 .cse2 .cse8)))) [2022-11-23 15:35:36,067 INFO L899 garLoopResultBuilder]: For program point L80(lines 80 97) no Hoare annotation was computed. [2022-11-23 15:35:36,067 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 188 214) the Hoare annotation is: (let ((.cse24 (= 0 ~systemActive~0)) (.cse28 (= ~methaneLevelCritical~0 0))) (let ((.cse4 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse1 (not .cse28)) (.cse8 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse14 (not (= ~switchedOnBeforeTS~0 0))) (.cse6 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse27 (<= 2 ~waterLevel~0)) (.cse10 (= |old(~switchedOnBeforeTS~0)| 0)) (.cse12 (not (= |old(~pumpRunning~0)| 0))) (.cse19 (not .cse24)) (.cse25 (not (<= 2 |old(~waterLevel~0)|))) (.cse26 (= ~pumpRunning~0 0)) (.cse7 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse13 (and .cse26 .cse7)) (.cse16 (not (= |old(~waterLevel~0)| 2))) (.cse0 (and (or .cse12 .cse19 .cse10) (or .cse12 .cse19 .cse25))) (.cse3 (and (or (and .cse14 .cse6 .cse24) (and .cse6 .cse27 .cse24)) .cse7)) (.cse18 (and .cse26 .cse7 .cse8)) (.cse11 (not (<= |old(~waterLevel~0)| 1))) (.cse20 (= ~pumpRunning~0 1)) (.cse15 (and .cse28 (not (= |old(~pumpRunning~0)| 1)))) (.cse17 (and .cse12 .cse1)) (.cse5 (not (= 1 ~systemActive~0))) (.cse9 (not (= ~methaneLevelCritical~0 1))) (.cse21 (and .cse6 .cse26 .cse27 .cse19)) (.cse22 (and .cse6 .cse26 .cse8 .cse19)) (.cse23 (and (or .cse4 .cse12 .cse24) (or .cse12 .cse24 .cse25))) (.cse2 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse4 .cse5 (and .cse6 .cse7 .cse8) .cse9 .cse2 .cse10) (or .cse11 .cse12 .cse13 .cse5 .cse9) (or .cse14 .cse12 .cse5 .cse9 .cse2 .cse10) (or .cse11 .cse12 .cse13 .cse5 .cse1) (or .cse4 .cse5 .cse15 .cse16 .cse17 .cse8 .cse10) (or .cse5 (and .cse6 .cse7) .cse9 .cse16) (or .cse4 .cse12 .cse18 .cse1 .cse2 .cse19) (or .cse5 .cse15 .cse1 .cse16 (and .cse7 .cse20)) (or .cse0 .cse9 .cse2 .cse3) (or .cse4 .cse12 .cse18 .cse9 .cse2 .cse19) (or .cse5 .cse1 (and (or .cse21 .cse22) .cse7) .cse23 .cse2) (or .cse4 .cse11 (and .cse7 .cse8 .cse20) .cse5 .cse15 .cse17 .cse10) (or .cse14 .cse12 .cse5 .cse1 .cse2 .cse10) (or .cse5 .cse9 .cse21 .cse22 .cse23 .cse2))))) [2022-11-23 15:35:36,068 INFO L895 garLoopResultBuilder]: At program point L80-1(lines 72 100) the Hoare annotation is: (let ((.cse18 (= 0 ~systemActive~0)) (.cse17 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse22 (= |old(~pumpRunning~0)| 0)) (.cse6 (not (= ~methaneLevelCritical~0 0))) (.cse15 (= ~pumpRunning~0 1)) (.cse23 (let ((.cse25 (< 0 |old(~waterLevel~0)|))) (or (and (not .cse25) .cse17) (and (= |old(~waterLevel~0)| (+ ~waterLevel~0 1)) .cse25)))) (.cse24 (= |timeShift_processEnvironment_~tmp~4#1| ~methaneLevelCritical~0)) (.cse11 (= ~pumpRunning~0 0)) (.cse16 (= |timeShift___utac_acc__Specification5_spec__3_~tmp~0#1| ~waterLevel~0)) (.cse19 (= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~0#1| 0)) (.cse12 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse13 (not .cse18))) (let ((.cse14 (= |timeShift___utac_acc__Specification5_spec__3_~tmp~0#1| 2)) (.cse9 (not (<= 2 |old(~waterLevel~0)|))) (.cse20 (and (= 2 ~waterLevel~0) .cse17)) (.cse21 (and .cse11 .cse16 .cse17 .cse19 .cse12 .cse13)) (.cse0 (and (not (= ~switchedOnBeforeTS~0 0)) .cse11 .cse16 .cse23 .cse19 .cse13 .cse24)) (.cse1 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse5 (and .cse16 (or .cse6 .cse15) .cse23 .cse12 .cse24)) (.cse3 (not (= 1 ~systemActive~0))) (.cse7 (not (= |old(~pumpRunning~0)| 1))) (.cse2 (not (<= |old(~waterLevel~0)| 1))) (.cse10 (not .cse22)) (.cse4 (not (= ~methaneLevelCritical~0 1))) (.cse8 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 (= |old(~switchedOnBeforeTS~0)| 0)) (or .cse0 .cse5 .cse3 .cse6 .cse7 .cse8 .cse9) (or .cse10 .cse3 (and .cse11 .cse12 .cse13 .cse14) .cse6 (and .cse15 .cse14) (not (= |old(~waterLevel~0)| 2))) (or .cse2 .cse10 .cse6 (and .cse11 .cse16 .cse17 .cse18 .cse19 .cse12) .cse13) (or .cse10 .cse20 .cse3 .cse6 .cse21 .cse8) (or .cse0 .cse3 (and .cse11 .cse22 .cse14) .cse4 .cse8 .cse9) (or .cse10 .cse6 (and .cse11 .cse17 .cse12 .cse14) .cse8 .cse13 .cse9) (or .cse10 .cse20 .cse3 .cse21 .cse4 .cse8) (or .cse0 .cse1 .cse5 .cse3 .cse6 .cse7 .cse8) (or .cse2 .cse10 .cse4 .cse19 .cse13) (or .cse10 .cse4 .cse8 (and .cse11 .cse16 .cse17 .cse18 .cse12) .cse13))))) [2022-11-23 15:35:36,068 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 188 214) no Hoare annotation was computed. [2022-11-23 15:35:36,068 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 658) no Hoare annotation was computed. [2022-11-23 15:35:36,068 INFO L895 garLoopResultBuilder]: At program point L168(lines 117 169) the Hoare annotation is: false [2022-11-23 15:35:36,068 INFO L902 garLoopResultBuilder]: At program point ULTIMATE.startENTRY(line -1) the Hoare annotation is: true [2022-11-23 15:35:36,068 INFO L899 garLoopResultBuilder]: For program point L156(lines 156 162) no Hoare annotation was computed. [2022-11-23 15:35:36,069 INFO L895 garLoopResultBuilder]: At program point L156-2(lines 148 163) the Hoare annotation is: (let ((.cse9 (= ~methaneLevelCritical~0 1)) (.cse5 (= ~methaneLevelCritical~0 0))) (let ((.cse8 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse6 (or (not .cse5) (= ~pumpRunning~0 1))) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (or .cse5 .cse9)) (.cse7 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_main_~tmp~8#1| 1)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse4 (<= ~waterLevel~0 2))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 (= 0 ~systemActive~0)) (and .cse5 (<= ~waterLevel~0 1) .cse6 .cse7 .cse2 .cse3 .cse8) (and .cse7 .cse2 .cse9 .cse3 .cse4 .cse8) (and (= 2 ~waterLevel~0) .cse1 .cse6 .cse7 .cse2 .cse3) (and .cse0 .cse1 .cse7 .cse2 .cse3 .cse4)))) [2022-11-23 15:35:36,069 INFO L899 garLoopResultBuilder]: For program point L119(lines 118 167) no Hoare annotation was computed. [2022-11-23 15:35:36,069 INFO L895 garLoopResultBuilder]: At program point L148(lines 148 163) the Hoare annotation is: (let ((.cse6 (= ~methaneLevelCritical~0 1)) (.cse0 (= ~methaneLevelCritical~0 0))) (let ((.cse1 (or (not .cse0) (= ~pumpRunning~0 1))) (.cse2 (= 1 ~systemActive~0)) (.cse9 (= ~pumpRunning~0 0)) (.cse8 (or .cse0 .cse6)) (.cse3 (= |ULTIMATE.start_main_~tmp~8#1| 1)) (.cse4 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse7 (<= ~waterLevel~0 2)) (.cse5 (= ~pumpRunning~0 ~switchedOnBeforeTS~0))) (or (and .cse0 (<= ~waterLevel~0 1) .cse1 .cse2 .cse3 .cse4 .cse5) (and .cse2 .cse3 .cse6 .cse4 .cse7 .cse5) (and (= 2 ~waterLevel~0) .cse8 .cse1 .cse2 .cse3 .cse4) (and .cse9 .cse8 .cse2 .cse3 .cse4 .cse7) (and .cse9 .cse8 .cse3 .cse4 .cse7 (= 0 ~systemActive~0) .cse5)))) [2022-11-23 15:35:36,069 INFO L895 garLoopResultBuilder]: At program point L433(line 433) the Hoare annotation is: (and (let ((.cse0 (not (= ~pumpRunning~0 0))) (.cse1 (or (= ~methaneLevelCritical~0 0) (= ~methaneLevelCritical~0 1))) (.cse2 (= |ULTIMATE.start_main_~tmp~8#1| 1)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (and .cse0 .cse1 (<= 2 ~waterLevel~0) .cse2 .cse3))) (= 1 ~systemActive~0) (<= ~waterLevel~0 2)) [2022-11-23 15:35:36,070 INFO L895 garLoopResultBuilder]: At program point L140(line 140) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse8 (= ~methaneLevelCritical~0 0))) (let ((.cse6 (or .cse0 .cse8)) (.cse1 (= 1 ~systemActive~0)) (.cse7 (or .cse8 (= ~methaneLevelCritical~0 1))) (.cse2 (= |ULTIMATE.start_main_~tmp~8#1| 1)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse4 (<= ~waterLevel~0 2)) (.cse5 (= ~pumpRunning~0 ~switchedOnBeforeTS~0))) (or (and (not .cse0) .cse1 .cse2 .cse3 .cse4 .cse5 .cse6) (and (= 2 ~waterLevel~0) .cse1 .cse2 .cse3 .cse6 (= ~pumpRunning~0 1)) (and .cse0 .cse7 .cse1 .cse2 .cse3 .cse4) (and .cse0 .cse7 .cse2 .cse3 .cse4 (= 0 ~systemActive~0) .cse5)))) [2022-11-23 15:35:36,070 INFO L895 garLoopResultBuilder]: At program point L165(lines 118 167) the Hoare annotation is: (let ((.cse10 (= ~methaneLevelCritical~0 0)) (.cse7 (= ~pumpRunning~0 0))) (let ((.cse0 (not .cse7)) (.cse5 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse8 (= 2 ~waterLevel~0)) (.cse9 (or .cse10 (= ~methaneLevelCritical~0 1))) (.cse1 (or (not .cse10) (= ~pumpRunning~0 1))) (.cse2 (= 1 ~systemActive~0)) (.cse3 (= |ULTIMATE.start_main_~tmp~8#1| 1)) (.cse4 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse6 (or .cse7 .cse10))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 (= ~waterLevel~0 1) .cse5 .cse6) (and .cse0 .cse1 .cse2 .cse3 .cse4 (<= ~waterLevel~0 0) .cse5 .cse6) (and .cse7 .cse8 .cse9 .cse2 .cse3 .cse4) (and .cse7 .cse9 (<= ~waterLevel~0 1) .cse2 .cse3 .cse4) (and .cse7 .cse9 .cse3 .cse4 (<= ~waterLevel~0 2) (= 0 ~systemActive~0) .cse5) (and .cse8 .cse9 .cse1 .cse2 .cse3 .cse4 .cse6)))) [2022-11-23 15:35:36,070 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-11-23 15:35:36,070 INFO L895 garLoopResultBuilder]: At program point L640(lines 640 647) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~methaneLevelCritical~0 0) (= 1 ~systemActive~0) (= |ULTIMATE.start_main_~tmp~8#1| 1) (= ~waterLevel~0 1) (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) [2022-11-23 15:35:36,071 INFO L899 garLoopResultBuilder]: For program point L128(lines 128 134) no Hoare annotation was computed. [2022-11-23 15:35:36,071 INFO L899 garLoopResultBuilder]: For program point L128-1(lines 128 134) no Hoare annotation was computed. [2022-11-23 15:35:36,071 INFO L902 garLoopResultBuilder]: At program point L640-2(lines 640 647) the Hoare annotation is: true [2022-11-23 15:35:36,071 INFO L899 garLoopResultBuilder]: For program point L431(lines 431 437) no Hoare annotation was computed. [2022-11-23 15:35:36,071 INFO L895 garLoopResultBuilder]: At program point L431-1(lines 431 437) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (or (= ~methaneLevelCritical~0 0) (= ~methaneLevelCritical~0 1))) (.cse2 (= |ULTIMATE.start_main_~tmp~8#1| 1)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1 .cse2 .cse3) (and .cse0 .cse1 (<= ~waterLevel~0 1) (= 1 ~systemActive~0) .cse2 .cse3) (and .cse0 .cse1 .cse2 .cse3 (<= ~waterLevel~0 2) (= ~pumpRunning~0 ~switchedOnBeforeTS~0)))) [2022-11-23 15:35:36,072 INFO L902 garLoopResultBuilder]: At program point L171(lines 108 175) the Hoare annotation is: true [2022-11-23 15:35:36,072 INFO L899 garLoopResultBuilder]: For program point L138(lines 138 144) no Hoare annotation was computed. [2022-11-23 15:35:36,072 INFO L899 garLoopResultBuilder]: For program point L138-1(lines 138 144) no Hoare annotation was computed. [2022-11-23 15:35:36,072 INFO L895 garLoopResultBuilder]: At program point L130(line 130) the Hoare annotation is: (let ((.cse10 (= ~methaneLevelCritical~0 0)) (.cse7 (= ~pumpRunning~0 0))) (let ((.cse0 (not .cse7)) (.cse9 (<= ~waterLevel~0 2)) (.cse5 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse8 (or .cse10 (= ~methaneLevelCritical~0 1))) (.cse1 (or (not .cse10) (= ~pumpRunning~0 1))) (.cse2 (= 1 ~systemActive~0)) (.cse3 (= |ULTIMATE.start_main_~tmp~8#1| 1)) (.cse4 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse6 (or .cse7 .cse10))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 (= ~waterLevel~0 1) .cse5 .cse6) (and .cse0 .cse1 .cse2 .cse3 .cse4 (<= ~waterLevel~0 0) .cse5 .cse6) (and .cse7 .cse8 .cse2 .cse3 .cse4 .cse9) (and .cse7 .cse8 .cse3 .cse4 .cse9 (= 0 ~systemActive~0) .cse5) (and (= 2 ~waterLevel~0) .cse8 .cse1 .cse2 .cse3 .cse4 .cse6)))) [2022-11-23 15:35:36,073 INFO L895 garLoopResultBuilder]: At program point processEnvironment__wrappee__highWaterSensorENTRY(lines 223 247) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse4 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not (= ~methaneLevelCritical~0 0))) (.cse3 (not (<= ~waterLevel~0 2))) (.cse5 (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (or .cse0 .cse1 .cse3 (not (= ~methaneLevelCritical~0 1)) .cse4 .cse5) (or .cse1 .cse2 (not (= |old(~pumpRunning~0)| 1)) .cse3 .cse5 (= ~pumpRunning~0 1)))) [2022-11-23 15:35:36,073 INFO L895 garLoopResultBuilder]: At program point L242(line 242) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse4 (not (= ~methaneLevelCritical~0 0))) (.cse2 (not (<= ~waterLevel~0 2))) (.cse3 (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|)))) (and (or .cse0 .cse1 .cse2 (not (= ~methaneLevelCritical~0 1)) .cse3) (or .cse0 .cse1 .cse4 .cse2 .cse3) (or .cse1 .cse4 (not (= |old(~pumpRunning~0)| 1)) .cse2 .cse3 (= ~pumpRunning~0 1)))) [2022-11-23 15:35:36,073 INFO L899 garLoopResultBuilder]: For program point L242-1(lines 223 247) no Hoare annotation was computed. [2022-11-23 15:35:36,073 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__highWaterSensorEXIT(lines 223 247) no Hoare annotation was computed. [2022-11-23 15:35:36,074 INFO L895 garLoopResultBuilder]: At program point L313(line 313) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (and (= 2 ~waterLevel~0) (= ~pumpRunning~0 ~switchedOnBeforeTS~0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse5 (not (= ~methaneLevelCritical~0 0))) (.cse3 (not (<= ~waterLevel~0 2))) (.cse4 (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|)))) (and (or .cse0 .cse1 .cse2 .cse3 (not (= ~methaneLevelCritical~0 1)) .cse4) (or .cse0 .cse1 .cse2 .cse5 .cse3 .cse4) (or .cse1 .cse5 (not (= |old(~pumpRunning~0)| 1)) .cse3 .cse4))) [2022-11-23 15:35:36,074 INFO L895 garLoopResultBuilder]: At program point L313-1(line 313) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse3 (and (= 2 ~waterLevel~0) (= ~methaneLevelCritical~0 |processEnvironment__wrappee__highWaterSensor_activatePump_#t~ret14#1|) (= ~pumpRunning~0 ~switchedOnBeforeTS~0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not (= ~methaneLevelCritical~0 0))) (.cse4 (not (<= ~waterLevel~0 2))) (.cse5 (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (or .cse0 .cse1 .cse3 .cse4 (not (= ~methaneLevelCritical~0 1)) .cse5) (or .cse1 .cse2 (not (= |old(~pumpRunning~0)| 1)) .cse4 .cse5))) [2022-11-23 15:35:36,074 INFO L895 garLoopResultBuilder]: At program point L237(line 237) the Hoare annotation is: (let ((.cse4 (= |processEnvironment__wrappee__highWaterSensor_~tmp~2#1| 0)) (.cse5 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not (= ~methaneLevelCritical~0 0))) (.cse6 (not (<= ~waterLevel~0 2))) (.cse3 (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|)))) (and (or .cse0 .cse1 .cse2 (not (<= ~waterLevel~0 1)) .cse3 (and .cse4 .cse5)) (or .cse0 .cse1 (not (= 2 ~waterLevel~0)) .cse2 .cse5 .cse3) (or (and (or .cse4 (<= 2 ~waterLevel~0)) .cse5) .cse0 .cse1 .cse6 (not (= ~methaneLevelCritical~0 1)) .cse3) (or .cse1 .cse2 (not (= |old(~pumpRunning~0)| 1)) .cse6 .cse3))) [2022-11-23 15:35:36,074 INFO L899 garLoopResultBuilder]: For program point L231(lines 231 239) no Hoare annotation was computed. [2022-11-23 15:35:36,075 INFO L895 garLoopResultBuilder]: At program point L227(lines 227 244) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse4 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not (= ~methaneLevelCritical~0 0))) (.cse3 (not (<= ~waterLevel~0 2))) (.cse5 (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (or .cse0 .cse1 .cse3 (not (= ~methaneLevelCritical~0 1)) .cse4 .cse5) (or .cse1 .cse2 (not (= |old(~pumpRunning~0)| 1)) .cse3 .cse5 (= ~pumpRunning~0 1)))) [2022-11-23 15:35:36,075 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 465 476) no Hoare annotation was computed. [2022-11-23 15:35:36,075 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 465 476) the Hoare annotation is: (let ((.cse7 (not (<= |old(~waterLevel~0)| 2))) (.cse8 (not (= 0 ~systemActive~0))) (.cse0 (not (<= |old(~waterLevel~0)| 1))) (.cse3 (not (= ~methaneLevelCritical~0 0))) (.cse10 (not (= ~pumpRunning~0 1))) (.cse6 (not (= ~pumpRunning~0 ~switchedOnBeforeTS~0))) (.cse1 (not (= ~pumpRunning~0 0))) (.cse2 (not (= 1 ~systemActive~0))) (.cse9 (not (= ~methaneLevelCritical~0 1))) (.cse5 (not (= |old(~waterLevel~0)| 2))) (.cse4 (= |old(~waterLevel~0)| ~waterLevel~0))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse1 .cse2 .cse3 .cse5 .cse4) (or .cse1 .cse3 .cse6 .cse4 .cse7 .cse8) (or .cse1 .cse9 .cse6 .cse4 .cse7 .cse8) (or .cse2 .cse3 .cse10 .cse5 .cse4) (or .cse0 .cse1 .cse2 .cse9 .cse4) (or .cse0 .cse2 .cse3 .cse10 .cse6 .cse4) (or .cse1 .cse2 .cse9 .cse5 .cse4))) [2022-11-23 15:35:36,075 INFO L902 garLoopResultBuilder]: At program point isMethaneAlarmENTRY(lines 333 343) the Hoare annotation is: true [2022-11-23 15:35:36,075 INFO L899 garLoopResultBuilder]: For program point isMethaneAlarmEXIT(lines 333 343) no Hoare annotation was computed. [2022-11-23 15:35:36,079 INFO L444 BasicCegarLoop]: Path program histogram: [3, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 15:35:36,081 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2022-11-23 15:35:36,154 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 23.11 03:35:36 BoogieIcfgContainer [2022-11-23 15:35:36,154 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-11-23 15:35:36,155 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-11-23 15:35:36,155 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-11-23 15:35:36,155 INFO L275 PluginConnector]: Witness Printer initialized [2022-11-23 15:35:36,156 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 23.11 03:32:30" (3/4) ... [2022-11-23 15:35:36,163 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-11-23 15:35:36,175 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2022-11-23 15:35:36,175 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-11-23 15:35:36,175 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-11-23 15:35:36,175 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-11-23 15:35:36,176 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-11-23 15:35:36,176 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2022-11-23 15:35:36,176 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-11-23 15:35:36,176 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__methaneQuery [2022-11-23 15:35:36,177 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2022-11-23 15:35:36,177 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneAlarm [2022-11-23 15:35:36,184 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 54 nodes and edges [2022-11-23 15:35:36,187 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 14 nodes and edges [2022-11-23 15:35:36,188 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-11-23 15:35:36,189 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-23 15:35:36,189 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-23 15:35:36,225 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || !(1 == systemActive)) || (((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS) && aux-isPumpRunning()-aux == pumpRunning)) || !(methaneLevelCritical == 1)) || \old(switchedOnBeforeTS) == 0) && ((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && aux-isPumpRunning()-aux == pumpRunning) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && (((((!(1 == systemActive) || (methaneLevelCritical == 0 && !(\old(pumpRunning) == 1))) || !(methaneLevelCritical == 0)) || ((\old(waterLevel) == waterLevel && aux-isPumpRunning()-aux == pumpRunning) && pumpRunning == 1)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || (methaneLevelCritical == 0 && !(\old(pumpRunning) == 1))) || !(\old(waterLevel) == 2)) || (!(\old(pumpRunning) == 0) && !(methaneLevelCritical == 0))) || pumpRunning == switchedOnBeforeTS) || \old(switchedOnBeforeTS) == 0)) && ((((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2)) || (((pumpRunning == 0 && \old(waterLevel) == waterLevel) && 0 == systemActive) && aux-isPumpRunning()-aux == pumpRunning)) || !(0 == systemActive))) && ((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || !(1 == systemActive)) || (((\old(waterLevel) == waterLevel && pumpRunning == switchedOnBeforeTS) && aux-isPumpRunning()-aux == pumpRunning) && pumpRunning == 1)) || (methaneLevelCritical == 0 && !(\old(pumpRunning) == 1))) || (!(\old(pumpRunning) == 0) && !(methaneLevelCritical == 0))) || \old(switchedOnBeforeTS) == 0)) && ((((!(\old(pumpRunning) == 0) || (((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && aux-isPumpRunning()-aux == pumpRunning) && !(0 == systemActive))) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) <= 2))) && ((((!(\old(pumpRunning) == 0) || (((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && aux-isPumpRunning()-aux == pumpRunning) && !(0 == systemActive))) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2))) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || pumpRunning == switchedOnBeforeTS) || \old(switchedOnBeforeTS) == 0)) && ((((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) <= 2)) || (((pumpRunning == 0 && \old(waterLevel) == waterLevel) && 0 == systemActive) && aux-isPumpRunning()-aux == pumpRunning)) || !(0 == systemActive)) [2022-11-23 15:35:36,227 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || pumpRunning == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) && ((((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) <= 2)) || !(0 == systemActive))) && (((((!(\old(pumpRunning) == 0) || (2 == waterLevel && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) <= 2))) && ((((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == methaneLevelCritical) || !(1 == systemActive)) || \old(pumpRunning) == 0) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && (((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2)) || (\old(waterLevel) == waterLevel && pumpRunning == 1))) && ((((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == methaneLevelCritical) || !(\old(switchedOnBeforeTS) == \old(pumpRunning))) || !(\old(waterLevel) <= 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || \old(switchedOnBeforeTS) == 0)) && (((((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == methaneLevelCritical) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || (((((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel))) && pumpRunning == switchedOnBeforeTS) && tmp == methaneLevelCritical) && pumpRunning == 1)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && (((pumpRunning == 0 || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2))) && ((((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2)) || !(0 == systemActive))) && (((((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == methaneLevelCritical) || !(\old(switchedOnBeforeTS) == \old(pumpRunning))) || !(\old(waterLevel) <= 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || (((((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel))) && pumpRunning == switchedOnBeforeTS) && tmp == methaneLevelCritical) && pumpRunning == 1)) [2022-11-23 15:35:36,229 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((((((((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && tmp == waterLevel) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp___0 == 0) && !(0 == systemActive)) && tmp == methaneLevelCritical) || !(\old(switchedOnBeforeTS) == \old(pumpRunning))) || !(\old(waterLevel) <= 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || \old(switchedOnBeforeTS) == 0) && ((((((((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && tmp == waterLevel) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp___0 == 0) && !(0 == systemActive)) && tmp == methaneLevelCritical) || ((((tmp == waterLevel && (!(methaneLevelCritical == 0) || pumpRunning == 1)) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && pumpRunning == switchedOnBeforeTS) && tmp == methaneLevelCritical)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && (((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (((pumpRunning == 0 && pumpRunning == switchedOnBeforeTS) && !(0 == systemActive)) && tmp == 2)) || !(methaneLevelCritical == 0)) || (pumpRunning == 1 && tmp == 2)) || !(\old(waterLevel) == 2))) && ((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(methaneLevelCritical == 0)) || (((((pumpRunning == 0 && tmp == waterLevel) && \old(waterLevel) == waterLevel) && 0 == systemActive) && tmp___0 == 0) && pumpRunning == switchedOnBeforeTS)) || !(0 == systemActive))) && (((((!(\old(pumpRunning) == 0) || (2 == waterLevel && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || (((((pumpRunning == 0 && tmp == waterLevel) && \old(waterLevel) == waterLevel) && tmp___0 == 0) && pumpRunning == switchedOnBeforeTS) && !(0 == systemActive))) || !(\old(waterLevel) <= 2))) && (((((((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && tmp == waterLevel) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp___0 == 0) && !(0 == systemActive)) && tmp == methaneLevelCritical) || !(1 == systemActive)) || ((pumpRunning == 0 && \old(pumpRunning) == 0) && tmp == 2)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && (((((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || (((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS) && tmp == 2)) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) && (((((!(\old(pumpRunning) == 0) || (2 == waterLevel && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || (((((pumpRunning == 0 && tmp == waterLevel) && \old(waterLevel) == waterLevel) && tmp___0 == 0) && pumpRunning == switchedOnBeforeTS) && !(0 == systemActive))) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) <= 2))) && ((((((((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && tmp == waterLevel) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp___0 == 0) && !(0 == systemActive)) && tmp == methaneLevelCritical) || !(\old(switchedOnBeforeTS) == \old(pumpRunning))) || ((((tmp == waterLevel && (!(methaneLevelCritical == 0) || pumpRunning == 1)) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && pumpRunning == switchedOnBeforeTS) && tmp == methaneLevelCritical)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) <= 2))) && ((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(methaneLevelCritical == 1)) || tmp___0 == 0) || !(0 == systemActive))) && ((((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) <= 2)) || ((((pumpRunning == 0 && tmp == waterLevel) && \old(waterLevel) == waterLevel) && 0 == systemActive) && pumpRunning == switchedOnBeforeTS)) || !(0 == systemActive)) [2022-11-23 15:35:36,229 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) <= 2)) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2))) && (((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 1))) && (((((!(\old(pumpRunning) == 0) || !(0 == systemActive)) || \old(switchedOnBeforeTS) == 0) && ((!(\old(pumpRunning) == 0) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2))) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(methaneLevelCritical == 0)) || !(0 == systemActive))) && (((((!(\old(pumpRunning) == 0) || !(0 == systemActive)) || \old(switchedOnBeforeTS) == 0) && ((!(\old(pumpRunning) == 0) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) <= 2))) && (((!(1 == systemActive) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1))) && (((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2))) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(methaneLevelCritical == 1)) || !(0 == systemActive)) [2022-11-23 15:35:36,229 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || pumpRunning == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) && (((((!(\old(pumpRunning) == 0) || (2 == waterLevel && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) <= 2))) && (((((!(\old(pumpRunning) == 0) || !(0 == systemActive)) || \old(switchedOnBeforeTS) == 0) && ((!(\old(pumpRunning) == 0) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2))) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(methaneLevelCritical == 0)) || !(0 == systemActive))) && ((((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == methaneLevelCritical) || !(1 == systemActive)) || \old(pumpRunning) == 0) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && (((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2)) || (\old(waterLevel) == waterLevel && pumpRunning == 1))) && ((((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == methaneLevelCritical) || !(\old(switchedOnBeforeTS) == \old(pumpRunning))) || !(\old(waterLevel) <= 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || \old(switchedOnBeforeTS) == 0)) && (((((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == methaneLevelCritical) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || (((((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel))) && pumpRunning == switchedOnBeforeTS) && tmp == methaneLevelCritical) && pumpRunning == 1)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && (((pumpRunning == 0 || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2))) && (((((!(\old(pumpRunning) == 0) || !(0 == systemActive)) || \old(switchedOnBeforeTS) == 0) && ((!(\old(pumpRunning) == 0) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) <= 2))) && (((((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == methaneLevelCritical) || !(\old(switchedOnBeforeTS) == \old(pumpRunning))) || !(\old(waterLevel) <= 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || (((((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel))) && pumpRunning == switchedOnBeforeTS) && tmp == methaneLevelCritical) && pumpRunning == 1))) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(methaneLevelCritical == 1)) || !(0 == systemActive)) [2022-11-23 15:35:36,230 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(waterLevel <= 2)) || pumpRunning == switchedOnBeforeTS) || !(switchedOnBeforeTS == \old(pumpRunning))) && (((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 2)) || !(methaneLevelCritical == 1)) || pumpRunning == switchedOnBeforeTS) || !(switchedOnBeforeTS == \old(pumpRunning)))) && (((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(waterLevel <= 2)) || !(switchedOnBeforeTS == \old(pumpRunning))) || pumpRunning == 1) [2022-11-23 15:35:36,230 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(waterLevel <= 2)) || pumpRunning == switchedOnBeforeTS) || !(switchedOnBeforeTS == \old(pumpRunning))) && (((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 2)) || !(methaneLevelCritical == 1)) || pumpRunning == switchedOnBeforeTS) || !(switchedOnBeforeTS == \old(pumpRunning)))) && (((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(waterLevel <= 2)) || !(switchedOnBeforeTS == \old(pumpRunning))) || pumpRunning == 1) [2022-11-23 15:35:36,231 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || ((2 == waterLevel && methaneLevelCritical == aux-isMethaneAlarm()-aux) && pumpRunning == switchedOnBeforeTS)) || !(waterLevel <= 2)) || !(switchedOnBeforeTS == \old(pumpRunning))) && (((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((2 == waterLevel && methaneLevelCritical == aux-isMethaneAlarm()-aux) && pumpRunning == switchedOnBeforeTS)) || !(waterLevel <= 2)) || !(methaneLevelCritical == 1)) || !(switchedOnBeforeTS == \old(pumpRunning)))) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(waterLevel <= 2)) || !(switchedOnBeforeTS == \old(pumpRunning))) [2022-11-23 15:35:36,293 INFO L141 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_50916348-08bc-40ee-b755-fcffd5ec5f47/bin/utaipan-Q6hlc19bkW/witness.graphml [2022-11-23 15:35:36,293 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-11-23 15:35:36,294 INFO L158 Benchmark]: Toolchain (without parser) took 187464.38ms. Allocated memory was 138.4MB in the beginning and 1.2GB in the end (delta: 1.1GB). Free memory was 73.7MB in the beginning and 1.0GB in the end (delta: -955.6MB). Peak memory consumption was 115.1MB. Max. memory is 16.1GB. [2022-11-23 15:35:36,294 INFO L158 Benchmark]: CDTParser took 0.38ms. Allocated memory is still 138.4MB. Free memory was 106.8MB in the beginning and 106.6MB in the end (delta: 135.0kB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-23 15:35:36,295 INFO L158 Benchmark]: CACSL2BoogieTranslator took 578.76ms. Allocated memory was 138.4MB in the beginning and 190.8MB in the end (delta: 52.4MB). Free memory was 73.6MB in the beginning and 148.9MB in the end (delta: -75.3MB). Peak memory consumption was 14.1MB. Max. memory is 16.1GB. [2022-11-23 15:35:36,296 INFO L158 Benchmark]: Boogie Procedure Inliner took 68.45ms. Allocated memory is still 190.8MB. Free memory was 148.9MB in the beginning and 146.8MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-23 15:35:36,296 INFO L158 Benchmark]: Boogie Preprocessor took 35.14ms. Allocated memory is still 190.8MB. Free memory was 146.8MB in the beginning and 145.1MB in the end (delta: 1.7MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-23 15:35:36,297 INFO L158 Benchmark]: RCFGBuilder took 795.55ms. Allocated memory is still 190.8MB. Free memory was 145.1MB in the beginning and 116.6MB in the end (delta: 28.5MB). Peak memory consumption was 29.4MB. Max. memory is 16.1GB. [2022-11-23 15:35:36,297 INFO L158 Benchmark]: TraceAbstraction took 185837.80ms. Allocated memory was 190.8MB in the beginning and 1.2GB in the end (delta: 1.0GB). Free memory was 115.7MB in the beginning and 1.0GB in the end (delta: -919.9MB). Peak memory consumption was 713.4MB. Max. memory is 16.1GB. [2022-11-23 15:35:36,297 INFO L158 Benchmark]: Witness Printer took 138.25ms. Allocated memory is still 1.2GB. Free memory was 1.0GB in the beginning and 1.0GB in the end (delta: 6.3MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2022-11-23 15:35:36,304 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.38ms. Allocated memory is still 138.4MB. Free memory was 106.8MB in the beginning and 106.6MB in the end (delta: 135.0kB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 578.76ms. Allocated memory was 138.4MB in the beginning and 190.8MB in the end (delta: 52.4MB). Free memory was 73.6MB in the beginning and 148.9MB in the end (delta: -75.3MB). Peak memory consumption was 14.1MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 68.45ms. Allocated memory is still 190.8MB. Free memory was 148.9MB in the beginning and 146.8MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 35.14ms. Allocated memory is still 190.8MB. Free memory was 146.8MB in the beginning and 145.1MB in the end (delta: 1.7MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 795.55ms. Allocated memory is still 190.8MB. Free memory was 145.1MB in the beginning and 116.6MB in the end (delta: 28.5MB). Peak memory consumption was 29.4MB. Max. memory is 16.1GB. * TraceAbstraction took 185837.80ms. Allocated memory was 190.8MB in the beginning and 1.2GB in the end (delta: 1.0GB). Free memory was 115.7MB in the beginning and 1.0GB in the end (delta: -919.9MB). Peak memory consumption was 713.4MB. Max. memory is 16.1GB. * Witness Printer took 138.25ms. Allocated memory is still 1.2GB. Free memory was 1.0GB in the beginning and 1.0GB in the end (delta: 6.3MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 658]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 11 procedures, 80 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 185.7s, OverallIterations: 13, TraceHistogramMax: 5, PathProgramHistogramMax: 3, EmptinessCheckTime: 0.1s, AutomataDifference: 23.6s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 83.1s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 5907 SdHoareTripleChecker+Valid, 11.4s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 5864 mSDsluCounter, 7112 SdHoareTripleChecker+Invalid, 9.6s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 5742 mSDsCounter, 3959 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 13257 IncrementalHoareTripleChecker+Invalid, 17216 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 3959 mSolverCounterUnsat, 1370 mSDtfsCounter, 13257 mSolverCounterSat, 0.2s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 2079 GetRequests, 1429 SyntacticMatches, 39 SemanticMatches, 611 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 27394 ImplicationChecksByTransitivity, 53.1s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=2115occurred in iteration=12, InterpolantAutomatonStates: 352, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 1.3s AutomataMinimizationTime, 13 MinimizatonAttempts, 2167 StatesRemovedByMinimization, 10 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 46 LocationsWithAnnotation, 5801 PreInvPairs, 7055 NumberOfFragments, 6723 HoareAnnotationTreeSize, 5801 FomulaSimplifications, 247857 FormulaSimplificationTreeSizeReduction, 31.8s HoareSimplificationTime, 46 FomulaSimplificationsInter, 595107 FormulaSimplificationTreeSizeReductionInter, 50.9s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.2s SsaConstructionTime, 0.6s SatisfiabilityAnalysisTime, 8.8s InterpolantComputationTime, 1343 NumberOfCodeBlocks, 1288 NumberOfCodeBlocksAsserted, 20 NumberOfCheckSat, 1835 ConstructedInterpolants, 0 QuantifiedInterpolants, 5133 SizeOfPredicates, 47 NumberOfNonLiveVariables, 1979 ConjunctsInSsa, 137 ConjunctsInUnsatCore, 23 InterpolantComputations, 8 PerfectInterpolantSequences, 904/1098 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 202]: Loop Invariant Derived loop invariant: ((((((((((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || pumpRunning == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) && ((((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) <= 2)) || !(0 == systemActive))) && (((((!(\old(pumpRunning) == 0) || (2 == waterLevel && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) <= 2))) && ((((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == methaneLevelCritical) || !(1 == systemActive)) || \old(pumpRunning) == 0) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && (((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2)) || (\old(waterLevel) == waterLevel && pumpRunning == 1))) && ((((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == methaneLevelCritical) || !(\old(switchedOnBeforeTS) == \old(pumpRunning))) || !(\old(waterLevel) <= 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || \old(switchedOnBeforeTS) == 0)) && (((((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == methaneLevelCritical) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || (((((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel))) && pumpRunning == switchedOnBeforeTS) && tmp == methaneLevelCritical) && pumpRunning == 1)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && (((pumpRunning == 0 || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2))) && ((((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2)) || !(0 == systemActive))) && (((((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == methaneLevelCritical) || !(\old(switchedOnBeforeTS) == \old(pumpRunning))) || !(\old(waterLevel) <= 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || (((((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel))) && pumpRunning == switchedOnBeforeTS) && tmp == methaneLevelCritical) && pumpRunning == 1)) - InvariantResult [Line: -1]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 555]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 565]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 431]: Loop Invariant Derived loop invariant: (((((pumpRunning == 0 && 2 == waterLevel) && (methaneLevelCritical == 0 || methaneLevelCritical == 1)) && tmp == 1) && splverifierCounter == 0) || (((((pumpRunning == 0 && (methaneLevelCritical == 0 || methaneLevelCritical == 1)) && waterLevel <= 1) && 1 == systemActive) && tmp == 1) && splverifierCounter == 0)) || (((((pumpRunning == 0 && (methaneLevelCritical == 0 || methaneLevelCritical == 1)) && tmp == 1) && splverifierCounter == 0) && waterLevel <= 2) && pumpRunning == switchedOnBeforeTS) - InvariantResult [Line: 275]: Loop Invariant Derived loop invariant: ((((((((((((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || pumpRunning == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) && (((((!(\old(pumpRunning) == 0) || (2 == waterLevel && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) <= 2))) && (((((!(\old(pumpRunning) == 0) || !(0 == systemActive)) || \old(switchedOnBeforeTS) == 0) && ((!(\old(pumpRunning) == 0) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2))) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(methaneLevelCritical == 0)) || !(0 == systemActive))) && ((((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == methaneLevelCritical) || !(1 == systemActive)) || \old(pumpRunning) == 0) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && (((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2)) || (\old(waterLevel) == waterLevel && pumpRunning == 1))) && ((((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == methaneLevelCritical) || !(\old(switchedOnBeforeTS) == \old(pumpRunning))) || !(\old(waterLevel) <= 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || \old(switchedOnBeforeTS) == 0)) && (((((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == methaneLevelCritical) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || (((((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel))) && pumpRunning == switchedOnBeforeTS) && tmp == methaneLevelCritical) && pumpRunning == 1)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && (((pumpRunning == 0 || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2))) && (((((!(\old(pumpRunning) == 0) || !(0 == systemActive)) || \old(switchedOnBeforeTS) == 0) && ((!(\old(pumpRunning) == 0) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) <= 2))) && (((((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == methaneLevelCritical) || !(\old(switchedOnBeforeTS) == \old(pumpRunning))) || !(\old(waterLevel) <= 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || (((((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel))) && pumpRunning == switchedOnBeforeTS) && tmp == methaneLevelCritical) && pumpRunning == 1))) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(methaneLevelCritical == 1)) || !(0 == systemActive)) - InvariantResult [Line: 117]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 227]: Loop Invariant Derived loop invariant: ((((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(waterLevel <= 2)) || pumpRunning == switchedOnBeforeTS) || !(switchedOnBeforeTS == \old(pumpRunning))) && (((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 2)) || !(methaneLevelCritical == 1)) || pumpRunning == switchedOnBeforeTS) || !(switchedOnBeforeTS == \old(pumpRunning)))) && (((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(waterLevel <= 2)) || !(switchedOnBeforeTS == \old(pumpRunning))) || pumpRunning == 1) - InvariantResult [Line: 72]: Loop Invariant Derived loop invariant: ((((((((((((((((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && tmp == waterLevel) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp___0 == 0) && !(0 == systemActive)) && tmp == methaneLevelCritical) || !(\old(switchedOnBeforeTS) == \old(pumpRunning))) || !(\old(waterLevel) <= 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || \old(switchedOnBeforeTS) == 0) && ((((((((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && tmp == waterLevel) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp___0 == 0) && !(0 == systemActive)) && tmp == methaneLevelCritical) || ((((tmp == waterLevel && (!(methaneLevelCritical == 0) || pumpRunning == 1)) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && pumpRunning == switchedOnBeforeTS) && tmp == methaneLevelCritical)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && (((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (((pumpRunning == 0 && pumpRunning == switchedOnBeforeTS) && !(0 == systemActive)) && tmp == 2)) || !(methaneLevelCritical == 0)) || (pumpRunning == 1 && tmp == 2)) || !(\old(waterLevel) == 2))) && ((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(methaneLevelCritical == 0)) || (((((pumpRunning == 0 && tmp == waterLevel) && \old(waterLevel) == waterLevel) && 0 == systemActive) && tmp___0 == 0) && pumpRunning == switchedOnBeforeTS)) || !(0 == systemActive))) && (((((!(\old(pumpRunning) == 0) || (2 == waterLevel && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || (((((pumpRunning == 0 && tmp == waterLevel) && \old(waterLevel) == waterLevel) && tmp___0 == 0) && pumpRunning == switchedOnBeforeTS) && !(0 == systemActive))) || !(\old(waterLevel) <= 2))) && (((((((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && tmp == waterLevel) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp___0 == 0) && !(0 == systemActive)) && tmp == methaneLevelCritical) || !(1 == systemActive)) || ((pumpRunning == 0 && \old(pumpRunning) == 0) && tmp == 2)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && (((((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || (((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS) && tmp == 2)) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) && (((((!(\old(pumpRunning) == 0) || (2 == waterLevel && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || (((((pumpRunning == 0 && tmp == waterLevel) && \old(waterLevel) == waterLevel) && tmp___0 == 0) && pumpRunning == switchedOnBeforeTS) && !(0 == systemActive))) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) <= 2))) && ((((((((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && tmp == waterLevel) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp___0 == 0) && !(0 == systemActive)) && tmp == methaneLevelCritical) || !(\old(switchedOnBeforeTS) == \old(pumpRunning))) || ((((tmp == waterLevel && (!(methaneLevelCritical == 0) || pumpRunning == 1)) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && pumpRunning == switchedOnBeforeTS) && tmp == methaneLevelCritical)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) <= 2))) && ((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(methaneLevelCritical == 1)) || tmp___0 == 0) || !(0 == systemActive))) && ((((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) <= 2)) || ((((pumpRunning == 0 && tmp == waterLevel) && \old(waterLevel) == waterLevel) && 0 == systemActive) && pumpRunning == switchedOnBeforeTS)) || !(0 == systemActive)) - InvariantResult [Line: 658]: Loop Invariant Derived loop invariant: (((((((((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) <= 2)) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2))) && (((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 1))) && (((((!(\old(pumpRunning) == 0) || !(0 == systemActive)) || \old(switchedOnBeforeTS) == 0) && ((!(\old(pumpRunning) == 0) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2))) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(methaneLevelCritical == 0)) || !(0 == systemActive))) && (((((!(\old(pumpRunning) == 0) || !(0 == systemActive)) || \old(switchedOnBeforeTS) == 0) && ((!(\old(pumpRunning) == 0) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) <= 2))) && (((!(1 == systemActive) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1))) && (((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2))) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(methaneLevelCritical == 1)) || !(0 == systemActive)) - InvariantResult [Line: 108]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 333]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 118]: Loop Invariant Derived loop invariant: (((((((((((!(pumpRunning == 0) && (!(methaneLevelCritical == 0) || pumpRunning == 1)) && 1 == systemActive) && tmp == 1) && splverifierCounter == 0) && waterLevel == 1) && pumpRunning == switchedOnBeforeTS) && (pumpRunning == 0 || methaneLevelCritical == 0)) || (((((((!(pumpRunning == 0) && (!(methaneLevelCritical == 0) || pumpRunning == 1)) && 1 == systemActive) && tmp == 1) && splverifierCounter == 0) && waterLevel <= 0) && pumpRunning == switchedOnBeforeTS) && (pumpRunning == 0 || methaneLevelCritical == 0))) || (((((pumpRunning == 0 && 2 == waterLevel) && (methaneLevelCritical == 0 || methaneLevelCritical == 1)) && 1 == systemActive) && tmp == 1) && splverifierCounter == 0)) || (((((pumpRunning == 0 && (methaneLevelCritical == 0 || methaneLevelCritical == 1)) && waterLevel <= 1) && 1 == systemActive) && tmp == 1) && splverifierCounter == 0)) || ((((((pumpRunning == 0 && (methaneLevelCritical == 0 || methaneLevelCritical == 1)) && tmp == 1) && splverifierCounter == 0) && waterLevel <= 2) && 0 == systemActive) && pumpRunning == switchedOnBeforeTS)) || ((((((2 == waterLevel && (methaneLevelCritical == 0 || methaneLevelCritical == 1)) && (!(methaneLevelCritical == 0) || pumpRunning == 1)) && 1 == systemActive) && tmp == 1) && splverifierCounter == 0) && (pumpRunning == 0 || methaneLevelCritical == 0)) - InvariantResult [Line: 67]: Loop Invariant Derived loop invariant: (((((((((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || !(1 == systemActive)) || (((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS) && aux-isPumpRunning()-aux == pumpRunning)) || !(methaneLevelCritical == 1)) || \old(switchedOnBeforeTS) == 0) && ((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && aux-isPumpRunning()-aux == pumpRunning) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && (((((!(1 == systemActive) || (methaneLevelCritical == 0 && !(\old(pumpRunning) == 1))) || !(methaneLevelCritical == 0)) || ((\old(waterLevel) == waterLevel && aux-isPumpRunning()-aux == pumpRunning) && pumpRunning == 1)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || (methaneLevelCritical == 0 && !(\old(pumpRunning) == 1))) || !(\old(waterLevel) == 2)) || (!(\old(pumpRunning) == 0) && !(methaneLevelCritical == 0))) || pumpRunning == switchedOnBeforeTS) || \old(switchedOnBeforeTS) == 0)) && ((((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2)) || (((pumpRunning == 0 && \old(waterLevel) == waterLevel) && 0 == systemActive) && aux-isPumpRunning()-aux == pumpRunning)) || !(0 == systemActive))) && ((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || !(1 == systemActive)) || (((\old(waterLevel) == waterLevel && pumpRunning == switchedOnBeforeTS) && aux-isPumpRunning()-aux == pumpRunning) && pumpRunning == 1)) || (methaneLevelCritical == 0 && !(\old(pumpRunning) == 1))) || (!(\old(pumpRunning) == 0) && !(methaneLevelCritical == 0))) || \old(switchedOnBeforeTS) == 0)) && ((((!(\old(pumpRunning) == 0) || (((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && aux-isPumpRunning()-aux == pumpRunning) && !(0 == systemActive))) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) <= 2))) && ((((!(\old(pumpRunning) == 0) || (((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && aux-isPumpRunning()-aux == pumpRunning) && !(0 == systemActive))) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2))) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || pumpRunning == switchedOnBeforeTS) || \old(switchedOnBeforeTS) == 0)) && ((((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) <= 2)) || (((pumpRunning == 0 && \old(waterLevel) == waterLevel) && 0 == systemActive) && aux-isPumpRunning()-aux == pumpRunning)) || !(0 == systemActive)) - InvariantResult [Line: 148]: Loop Invariant Derived loop invariant: (((((((((methaneLevelCritical == 0 && waterLevel <= 1) && (!(methaneLevelCritical == 0) || pumpRunning == 1)) && 1 == systemActive) && tmp == 1) && splverifierCounter == 0) && pumpRunning == switchedOnBeforeTS) || (((((1 == systemActive && tmp == 1) && methaneLevelCritical == 1) && splverifierCounter == 0) && waterLevel <= 2) && pumpRunning == switchedOnBeforeTS)) || (((((2 == waterLevel && (methaneLevelCritical == 0 || methaneLevelCritical == 1)) && (!(methaneLevelCritical == 0) || pumpRunning == 1)) && 1 == systemActive) && tmp == 1) && splverifierCounter == 0)) || (((((pumpRunning == 0 && (methaneLevelCritical == 0 || methaneLevelCritical == 1)) && 1 == systemActive) && tmp == 1) && splverifierCounter == 0) && waterLevel <= 2)) || ((((((pumpRunning == 0 && (methaneLevelCritical == 0 || methaneLevelCritical == 1)) && tmp == 1) && splverifierCounter == 0) && waterLevel <= 2) && 0 == systemActive) && pumpRunning == switchedOnBeforeTS) - InvariantResult [Line: 313]: Loop Invariant Derived loop invariant: ((((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || ((2 == waterLevel && methaneLevelCritical == aux-isMethaneAlarm()-aux) && pumpRunning == switchedOnBeforeTS)) || !(waterLevel <= 2)) || !(switchedOnBeforeTS == \old(pumpRunning))) && (((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((2 == waterLevel && methaneLevelCritical == aux-isMethaneAlarm()-aux) && pumpRunning == switchedOnBeforeTS)) || !(waterLevel <= 2)) || !(methaneLevelCritical == 1)) || !(switchedOnBeforeTS == \old(pumpRunning)))) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(waterLevel <= 2)) || !(switchedOnBeforeTS == \old(pumpRunning))) - InvariantResult [Line: 640]: Loop Invariant Derived loop invariant: ((((pumpRunning == 0 && methaneLevelCritical == 0) && 1 == systemActive) && tmp == 1) && waterLevel == 1) && pumpRunning == switchedOnBeforeTS - InvariantResult [Line: 640]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 253]: Loop Invariant Derived loop invariant: ((((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(waterLevel <= 2)) || pumpRunning == switchedOnBeforeTS) || !(switchedOnBeforeTS == \old(pumpRunning))) && (((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 2)) || !(methaneLevelCritical == 1)) || pumpRunning == switchedOnBeforeTS) || !(switchedOnBeforeTS == \old(pumpRunning)))) && (((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(waterLevel <= 2)) || !(switchedOnBeforeTS == \old(pumpRunning))) || pumpRunning == 1) RESULT: Ultimate proved your program to be correct! [2022-11-23 15:35:36,363 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_50916348-08bc-40ee-b755-fcffd5ec5f47/bin/utaipan-Q6hlc19bkW/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE