./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec2_product48.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 2329fc70 Calling Ultimate with: /usr/lib/jvm/java-11-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7bc8b218-51f3-49bb-8305-e967773720e4/bin/utaipan-gh47qXpMRh/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7bc8b218-51f3-49bb-8305-e967773720e4/bin/utaipan-gh47qXpMRh/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7bc8b218-51f3-49bb-8305-e967773720e4/bin/utaipan-gh47qXpMRh/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7bc8b218-51f3-49bb-8305-e967773720e4/bin/utaipan-gh47qXpMRh/config/TaipanReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec2_product48.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7bc8b218-51f3-49bb-8305-e967773720e4/bin/utaipan-gh47qXpMRh/config/svcomp-Reach-32bit-Taipan_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7bc8b218-51f3-49bb-8305-e967773720e4/bin/utaipan-gh47qXpMRh --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Taipan --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 797436b26f0180d1dd4048b2036765c1f76ffc9f34d72e35837e9efcc5780486 --- Real Ultimate output --- [0.001s][warning][os,container] Duplicate cpuset controllers detected. Picking /sys/fs/cgroup/cpuset, skipping /sys/fs/cgroup/cpuset. This is Ultimate 0.2.2-dev-2329fc7 [2022-12-14 15:25:03,194 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-12-14 15:25:03,196 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-12-14 15:25:03,209 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-12-14 15:25:03,209 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-12-14 15:25:03,210 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-12-14 15:25:03,211 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-12-14 15:25:03,212 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-12-14 15:25:03,213 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-12-14 15:25:03,214 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-12-14 15:25:03,215 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-12-14 15:25:03,216 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-12-14 15:25:03,216 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-12-14 15:25:03,217 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-12-14 15:25:03,217 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-12-14 15:25:03,218 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-12-14 15:25:03,219 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-12-14 15:25:03,220 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-12-14 15:25:03,221 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-12-14 15:25:03,222 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-12-14 15:25:03,223 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-12-14 15:25:03,224 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-12-14 15:25:03,226 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-12-14 15:25:03,226 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-12-14 15:25:03,230 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-12-14 15:25:03,231 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-12-14 15:25:03,231 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-12-14 15:25:03,232 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-12-14 15:25:03,232 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-12-14 15:25:03,234 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-12-14 15:25:03,234 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-12-14 15:25:03,235 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-12-14 15:25:03,235 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-12-14 15:25:03,236 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-12-14 15:25:03,237 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-12-14 15:25:03,237 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-12-14 15:25:03,238 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-12-14 15:25:03,238 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-12-14 15:25:03,238 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-12-14 15:25:03,239 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-12-14 15:25:03,239 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-12-14 15:25:03,240 INFO L101 SettingsManager]: Beginning loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7bc8b218-51f3-49bb-8305-e967773720e4/bin/utaipan-gh47qXpMRh/config/svcomp-Reach-32bit-Taipan_Default.epf [2022-12-14 15:25:03,263 INFO L113 SettingsManager]: Loading preferences was successful [2022-12-14 15:25:03,263 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-12-14 15:25:03,263 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-12-14 15:25:03,263 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-12-14 15:25:03,264 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-12-14 15:25:03,264 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-12-14 15:25:03,264 INFO L138 SettingsManager]: * User list type=DISABLED [2022-12-14 15:25:03,265 INFO L136 SettingsManager]: Preferences of Abstract Interpretation differ from their defaults: [2022-12-14 15:25:03,265 INFO L138 SettingsManager]: * Explicit value domain=true [2022-12-14 15:25:03,265 INFO L138 SettingsManager]: * Abstract domain for RCFG-of-the-future=PoormanAbstractDomain [2022-12-14 15:25:03,265 INFO L138 SettingsManager]: * Octagon Domain=false [2022-12-14 15:25:03,266 INFO L138 SettingsManager]: * Abstract domain=CompoundDomain [2022-12-14 15:25:03,266 INFO L138 SettingsManager]: * Check feasibility of abstract posts with an SMT solver=true [2022-12-14 15:25:03,266 INFO L138 SettingsManager]: * Use the RCFG-of-the-future interface=true [2022-12-14 15:25:03,266 INFO L138 SettingsManager]: * Interval Domain=false [2022-12-14 15:25:03,266 INFO L136 SettingsManager]: Preferences of Sifa differ from their defaults: [2022-12-14 15:25:03,266 INFO L138 SettingsManager]: * Call Summarizer=TopInputCallSummarizer [2022-12-14 15:25:03,267 INFO L138 SettingsManager]: * Simplification Technique=POLY_PAC [2022-12-14 15:25:03,267 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-12-14 15:25:03,267 INFO L138 SettingsManager]: * sizeof long=4 [2022-12-14 15:25:03,267 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-12-14 15:25:03,267 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-12-14 15:25:03,268 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-12-14 15:25:03,268 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-12-14 15:25:03,268 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-12-14 15:25:03,268 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-12-14 15:25:03,268 INFO L138 SettingsManager]: * sizeof long double=12 [2022-12-14 15:25:03,268 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-12-14 15:25:03,269 INFO L138 SettingsManager]: * Use constant arrays=true [2022-12-14 15:25:03,269 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-12-14 15:25:03,269 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-12-14 15:25:03,269 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-12-14 15:25:03,269 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-12-14 15:25:03,269 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-12-14 15:25:03,269 INFO L138 SettingsManager]: * Abstract interpretation Mode=USE_PREDICATES [2022-12-14 15:25:03,270 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-12-14 15:25:03,270 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-12-14 15:25:03,270 INFO L138 SettingsManager]: * Trace refinement strategy=SIFA_TAIPAN [2022-12-14 15:25:03,270 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-12-14 15:25:03,270 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-12-14 15:25:03,270 INFO L138 SettingsManager]: * Trace refinement exception blacklist=NONE [2022-12-14 15:25:03,270 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7bc8b218-51f3-49bb-8305-e967773720e4/bin/utaipan-gh47qXpMRh/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7bc8b218-51f3-49bb-8305-e967773720e4/bin/utaipan-gh47qXpMRh Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Taipan Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 797436b26f0180d1dd4048b2036765c1f76ffc9f34d72e35837e9efcc5780486 [2022-12-14 15:25:03,457 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-12-14 15:25:03,478 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-12-14 15:25:03,480 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-12-14 15:25:03,481 INFO L271 PluginConnector]: Initializing CDTParser... [2022-12-14 15:25:03,481 INFO L275 PluginConnector]: CDTParser initialized [2022-12-14 15:25:03,483 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7bc8b218-51f3-49bb-8305-e967773720e4/bin/utaipan-gh47qXpMRh/../../sv-benchmarks/c/product-lines/minepump_spec2_product48.cil.c [2022-12-14 15:25:06,069 INFO L500 CDTParser]: Created temporary CDT project at NULL [2022-12-14 15:25:06,248 INFO L351 CDTParser]: Found 1 translation units. [2022-12-14 15:25:06,248 INFO L172 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7bc8b218-51f3-49bb-8305-e967773720e4/sv-benchmarks/c/product-lines/minepump_spec2_product48.cil.c [2022-12-14 15:25:06,257 INFO L394 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7bc8b218-51f3-49bb-8305-e967773720e4/bin/utaipan-gh47qXpMRh/data/fd3df61e7/49e59e22d83a4152b9d632cd766037c8/FLAG8ddbdd944 [2022-12-14 15:25:06,644 INFO L402 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7bc8b218-51f3-49bb-8305-e967773720e4/bin/utaipan-gh47qXpMRh/data/fd3df61e7/49e59e22d83a4152b9d632cd766037c8 [2022-12-14 15:25:06,646 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-12-14 15:25:06,647 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-12-14 15:25:06,648 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-12-14 15:25:06,648 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-12-14 15:25:06,651 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-12-14 15:25:06,651 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 14.12 03:25:06" (1/1) ... [2022-12-14 15:25:06,652 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@6f879571 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.12 03:25:06, skipping insertion in model container [2022-12-14 15:25:06,652 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 14.12 03:25:06" (1/1) ... [2022-12-14 15:25:06,657 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-12-14 15:25:06,689 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-12-14 15:25:06,891 WARN L237 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7bc8b218-51f3-49bb-8305-e967773720e4/sv-benchmarks/c/product-lines/minepump_spec2_product48.cil.c[17766,17779] [2022-12-14 15:25:06,900 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-12-14 15:25:06,909 INFO L203 MainTranslator]: Completed pre-run [2022-12-14 15:25:06,948 WARN L237 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7bc8b218-51f3-49bb-8305-e967773720e4/sv-benchmarks/c/product-lines/minepump_spec2_product48.cil.c[17766,17779] [2022-12-14 15:25:06,950 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-12-14 15:25:06,962 INFO L208 MainTranslator]: Completed translation [2022-12-14 15:25:06,962 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.12 03:25:06 WrapperNode [2022-12-14 15:25:06,962 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-12-14 15:25:06,963 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-12-14 15:25:06,963 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-12-14 15:25:06,963 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-12-14 15:25:06,968 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.12 03:25:06" (1/1) ... [2022-12-14 15:25:06,980 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.12 03:25:06" (1/1) ... [2022-12-14 15:25:06,999 INFO L138 Inliner]: procedures = 57, calls = 103, calls flagged for inlining = 23, calls inlined = 20, statements flattened = 196 [2022-12-14 15:25:07,000 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-12-14 15:25:07,000 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-12-14 15:25:07,000 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-12-14 15:25:07,000 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-12-14 15:25:07,009 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.12 03:25:06" (1/1) ... [2022-12-14 15:25:07,009 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.12 03:25:06" (1/1) ... [2022-12-14 15:25:07,010 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.12 03:25:06" (1/1) ... [2022-12-14 15:25:07,010 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.12 03:25:06" (1/1) ... [2022-12-14 15:25:07,013 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.12 03:25:06" (1/1) ... [2022-12-14 15:25:07,016 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.12 03:25:06" (1/1) ... [2022-12-14 15:25:07,017 INFO L185 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.12 03:25:06" (1/1) ... [2022-12-14 15:25:07,018 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.12 03:25:06" (1/1) ... [2022-12-14 15:25:07,020 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-12-14 15:25:07,021 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-12-14 15:25:07,021 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-12-14 15:25:07,021 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-12-14 15:25:07,021 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.12 03:25:06" (1/1) ... [2022-12-14 15:25:07,026 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-12-14 15:25:07,035 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7bc8b218-51f3-49bb-8305-e967773720e4/bin/utaipan-gh47qXpMRh/z3 [2022-12-14 15:25:07,046 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7bc8b218-51f3-49bb-8305-e967773720e4/bin/utaipan-gh47qXpMRh/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-12-14 15:25:07,048 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7bc8b218-51f3-49bb-8305-e967773720e4/bin/utaipan-gh47qXpMRh/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-12-14 15:25:07,082 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-12-14 15:25:07,082 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-12-14 15:25:07,082 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-12-14 15:25:07,082 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-12-14 15:25:07,082 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-12-14 15:25:07,082 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-12-14 15:25:07,083 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-12-14 15:25:07,083 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2022-12-14 15:25:07,083 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2022-12-14 15:25:07,083 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-12-14 15:25:07,083 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-12-14 15:25:07,083 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__methaneQuery [2022-12-14 15:25:07,083 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__methaneQuery [2022-12-14 15:25:07,083 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2022-12-14 15:25:07,084 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2022-12-14 15:25:07,084 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2022-12-14 15:25:07,084 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2022-12-14 15:25:07,084 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-12-14 15:25:07,084 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-12-14 15:25:07,084 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-12-14 15:25:07,084 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-12-14 15:25:07,084 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-12-14 15:25:07,143 INFO L235 CfgBuilder]: Building ICFG [2022-12-14 15:25:07,145 INFO L261 CfgBuilder]: Building CFG for each procedure with an implementation [2022-12-14 15:25:07,363 INFO L276 CfgBuilder]: Performing block encoding [2022-12-14 15:25:07,439 INFO L295 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-12-14 15:25:07,439 INFO L300 CfgBuilder]: Removed 2 assume(true) statements. [2022-12-14 15:25:07,441 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 14.12 03:25:07 BoogieIcfgContainer [2022-12-14 15:25:07,441 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-12-14 15:25:07,443 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-12-14 15:25:07,444 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-12-14 15:25:07,446 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-12-14 15:25:07,446 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 14.12 03:25:06" (1/3) ... [2022-12-14 15:25:07,447 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@42cd2957 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 14.12 03:25:07, skipping insertion in model container [2022-12-14 15:25:07,447 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.12 03:25:06" (2/3) ... [2022-12-14 15:25:07,447 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@42cd2957 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 14.12 03:25:07, skipping insertion in model container [2022-12-14 15:25:07,447 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 14.12 03:25:07" (3/3) ... [2022-12-14 15:25:07,448 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec2_product48.cil.c [2022-12-14 15:25:07,463 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-12-14 15:25:07,463 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-12-14 15:25:07,499 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-12-14 15:25:07,503 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@541ffb2e, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2022-12-14 15:25:07,504 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-12-14 15:25:07,507 INFO L276 IsEmpty]: Start isEmpty. Operand has 72 states, 45 states have (on average 1.4222222222222223) internal successors, (64), 54 states have internal predecessors, (64), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 13 states have call predecessors, (16), 16 states have call successors, (16) [2022-12-14 15:25:07,513 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 18 [2022-12-14 15:25:07,514 INFO L187 NwaCegarLoop]: Found error trace [2022-12-14 15:25:07,514 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-12-14 15:25:07,514 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-12-14 15:25:07,518 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-12-14 15:25:07,518 INFO L85 PathProgramCache]: Analyzing trace with hash -1582563513, now seen corresponding path program 1 times [2022-12-14 15:25:07,525 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-12-14 15:25:07,526 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1544511752] [2022-12-14 15:25:07,526 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-12-14 15:25:07,526 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-12-14 15:25:07,603 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-12-14 15:25:07,647 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-12-14 15:25:07,648 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-12-14 15:25:07,648 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1544511752] [2022-12-14 15:25:07,649 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1544511752] provided 1 perfect and 0 imperfect interpolant sequences [2022-12-14 15:25:07,649 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-12-14 15:25:07,649 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-12-14 15:25:07,650 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [544524754] [2022-12-14 15:25:07,650 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-12-14 15:25:07,653 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-12-14 15:25:07,654 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-12-14 15:25:07,674 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-12-14 15:25:07,674 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-12-14 15:25:07,676 INFO L87 Difference]: Start difference. First operand has 72 states, 45 states have (on average 1.4222222222222223) internal successors, (64), 54 states have internal predecessors, (64), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 13 states have call predecessors, (16), 16 states have call successors, (16) Second operand has 2 states, 2 states have (on average 6.5) internal successors, (13), 2 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-12-14 15:25:07,733 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-12-14 15:25:07,733 INFO L93 Difference]: Finished difference Result 142 states and 193 transitions. [2022-12-14 15:25:07,734 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-12-14 15:25:07,735 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 6.5) internal successors, (13), 2 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 17 [2022-12-14 15:25:07,735 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-12-14 15:25:07,741 INFO L225 Difference]: With dead ends: 142 [2022-12-14 15:25:07,741 INFO L226 Difference]: Without dead ends: 67 [2022-12-14 15:25:07,743 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-12-14 15:25:07,745 INFO L413 NwaCegarLoop]: 75 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 18 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 75 SdHoareTripleChecker+Invalid, 19 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 18 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-12-14 15:25:07,746 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 75 Invalid, 19 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 18 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-12-14 15:25:07,758 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 67 states. [2022-12-14 15:25:07,772 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 67 to 67. [2022-12-14 15:25:07,773 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 67 states, 42 states have (on average 1.3333333333333333) internal successors, (56), 50 states have internal predecessors, (56), 16 states have call successors, (16), 9 states have call predecessors, (16), 8 states have return successors, (15), 12 states have call predecessors, (15), 15 states have call successors, (15) [2022-12-14 15:25:07,774 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 67 states to 67 states and 87 transitions. [2022-12-14 15:25:07,775 INFO L78 Accepts]: Start accepts. Automaton has 67 states and 87 transitions. Word has length 17 [2022-12-14 15:25:07,775 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-12-14 15:25:07,776 INFO L495 AbstractCegarLoop]: Abstraction has 67 states and 87 transitions. [2022-12-14 15:25:07,776 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 6.5) internal successors, (13), 2 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-12-14 15:25:07,776 INFO L276 IsEmpty]: Start isEmpty. Operand 67 states and 87 transitions. [2022-12-14 15:25:07,777 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 19 [2022-12-14 15:25:07,777 INFO L187 NwaCegarLoop]: Found error trace [2022-12-14 15:25:07,777 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-12-14 15:25:07,777 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-12-14 15:25:07,778 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-12-14 15:25:07,778 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-12-14 15:25:07,778 INFO L85 PathProgramCache]: Analyzing trace with hash -2020919509, now seen corresponding path program 1 times [2022-12-14 15:25:07,778 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-12-14 15:25:07,778 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [414094437] [2022-12-14 15:25:07,778 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-12-14 15:25:07,779 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-12-14 15:25:07,791 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-12-14 15:25:07,846 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-12-14 15:25:07,846 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-12-14 15:25:07,847 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [414094437] [2022-12-14 15:25:07,847 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [414094437] provided 1 perfect and 0 imperfect interpolant sequences [2022-12-14 15:25:07,847 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-12-14 15:25:07,847 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-12-14 15:25:07,847 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1210486313] [2022-12-14 15:25:07,847 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-12-14 15:25:07,848 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-12-14 15:25:07,849 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-12-14 15:25:07,849 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-12-14 15:25:07,850 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-12-14 15:25:07,850 INFO L87 Difference]: Start difference. First operand 67 states and 87 transitions. Second operand has 3 states, 3 states have (on average 4.666666666666667) internal successors, (14), 3 states have internal predecessors, (14), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-12-14 15:25:07,886 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-12-14 15:25:07,886 INFO L93 Difference]: Finished difference Result 106 states and 136 transitions. [2022-12-14 15:25:07,886 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-12-14 15:25:07,886 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 4.666666666666667) internal successors, (14), 3 states have internal predecessors, (14), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 18 [2022-12-14 15:25:07,887 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-12-14 15:25:07,888 INFO L225 Difference]: With dead ends: 106 [2022-12-14 15:25:07,888 INFO L226 Difference]: Without dead ends: 59 [2022-12-14 15:25:07,888 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-12-14 15:25:07,889 INFO L413 NwaCegarLoop]: 61 mSDtfsCounter, 14 mSDsluCounter, 45 mSDsCounter, 0 mSdLazyCounter, 26 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 18 SdHoareTripleChecker+Valid, 106 SdHoareTripleChecker+Invalid, 26 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 26 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-12-14 15:25:07,889 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [18 Valid, 106 Invalid, 26 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 26 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-12-14 15:25:07,890 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 59 states. [2022-12-14 15:25:07,894 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 59 to 59. [2022-12-14 15:25:07,894 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 59 states, 37 states have (on average 1.3513513513513513) internal successors, (50), 45 states have internal predecessors, (50), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 10 states have call predecessors, (13), 13 states have call successors, (13) [2022-12-14 15:25:07,895 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 59 states to 59 states and 76 transitions. [2022-12-14 15:25:07,895 INFO L78 Accepts]: Start accepts. Automaton has 59 states and 76 transitions. Word has length 18 [2022-12-14 15:25:07,895 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-12-14 15:25:07,895 INFO L495 AbstractCegarLoop]: Abstraction has 59 states and 76 transitions. [2022-12-14 15:25:07,895 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 4.666666666666667) internal successors, (14), 3 states have internal predecessors, (14), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-12-14 15:25:07,895 INFO L276 IsEmpty]: Start isEmpty. Operand 59 states and 76 transitions. [2022-12-14 15:25:07,896 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 22 [2022-12-14 15:25:07,896 INFO L187 NwaCegarLoop]: Found error trace [2022-12-14 15:25:07,896 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-12-14 15:25:07,896 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-12-14 15:25:07,896 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-12-14 15:25:07,897 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-12-14 15:25:07,897 INFO L85 PathProgramCache]: Analyzing trace with hash -1335526526, now seen corresponding path program 1 times [2022-12-14 15:25:07,897 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-12-14 15:25:07,897 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1386637667] [2022-12-14 15:25:07,897 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-12-14 15:25:07,897 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-12-14 15:25:07,910 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-12-14 15:25:07,955 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-12-14 15:25:07,955 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-12-14 15:25:07,955 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1386637667] [2022-12-14 15:25:07,955 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1386637667] provided 1 perfect and 0 imperfect interpolant sequences [2022-12-14 15:25:07,956 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-12-14 15:25:07,956 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-12-14 15:25:07,956 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1164226504] [2022-12-14 15:25:07,956 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-12-14 15:25:07,956 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-12-14 15:25:07,956 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-12-14 15:25:07,957 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-12-14 15:25:07,957 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-12-14 15:25:07,957 INFO L87 Difference]: Start difference. First operand 59 states and 76 transitions. Second operand has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-12-14 15:25:08,016 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-12-14 15:25:08,016 INFO L93 Difference]: Finished difference Result 173 states and 225 transitions. [2022-12-14 15:25:08,016 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-12-14 15:25:08,016 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 21 [2022-12-14 15:25:08,017 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-12-14 15:25:08,017 INFO L225 Difference]: With dead ends: 173 [2022-12-14 15:25:08,018 INFO L226 Difference]: Without dead ends: 116 [2022-12-14 15:25:08,018 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-12-14 15:25:08,019 INFO L413 NwaCegarLoop]: 82 mSDtfsCounter, 70 mSDsluCounter, 59 mSDsCounter, 0 mSdLazyCounter, 33 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 70 SdHoareTripleChecker+Valid, 141 SdHoareTripleChecker+Invalid, 34 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 33 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-12-14 15:25:08,019 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [70 Valid, 141 Invalid, 34 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 33 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-12-14 15:25:08,020 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 116 states. [2022-12-14 15:25:08,031 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 116 to 113. [2022-12-14 15:25:08,031 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 113 states, 70 states have (on average 1.3571428571428572) internal successors, (95), 85 states have internal predecessors, (95), 26 states have call successors, (26), 16 states have call predecessors, (26), 16 states have return successors, (26), 19 states have call predecessors, (26), 26 states have call successors, (26) [2022-12-14 15:25:08,032 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 113 states to 113 states and 147 transitions. [2022-12-14 15:25:08,032 INFO L78 Accepts]: Start accepts. Automaton has 113 states and 147 transitions. Word has length 21 [2022-12-14 15:25:08,032 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-12-14 15:25:08,032 INFO L495 AbstractCegarLoop]: Abstraction has 113 states and 147 transitions. [2022-12-14 15:25:08,033 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-12-14 15:25:08,033 INFO L276 IsEmpty]: Start isEmpty. Operand 113 states and 147 transitions. [2022-12-14 15:25:08,033 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2022-12-14 15:25:08,033 INFO L187 NwaCegarLoop]: Found error trace [2022-12-14 15:25:08,034 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-12-14 15:25:08,034 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-12-14 15:25:08,034 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-12-14 15:25:08,034 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-12-14 15:25:08,034 INFO L85 PathProgramCache]: Analyzing trace with hash -934095120, now seen corresponding path program 1 times [2022-12-14 15:25:08,034 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-12-14 15:25:08,034 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [132682710] [2022-12-14 15:25:08,035 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-12-14 15:25:08,035 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-12-14 15:25:08,047 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-12-14 15:25:08,127 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-12-14 15:25:08,128 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-12-14 15:25:08,128 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [132682710] [2022-12-14 15:25:08,128 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [132682710] provided 1 perfect and 0 imperfect interpolant sequences [2022-12-14 15:25:08,128 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-12-14 15:25:08,128 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-12-14 15:25:08,128 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [74363531] [2022-12-14 15:25:08,129 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-12-14 15:25:08,129 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-12-14 15:25:08,129 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-12-14 15:25:08,130 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-12-14 15:25:08,130 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-12-14 15:25:08,130 INFO L87 Difference]: Start difference. First operand 113 states and 147 transitions. Second operand has 6 states, 5 states have (on average 4.2) internal successors, (21), 4 states have internal predecessors, (21), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-12-14 15:25:08,251 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-12-14 15:25:08,251 INFO L93 Difference]: Finished difference Result 331 states and 434 transitions. [2022-12-14 15:25:08,252 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-12-14 15:25:08,252 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 4.2) internal successors, (21), 4 states have internal predecessors, (21), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 24 [2022-12-14 15:25:08,252 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-12-14 15:25:08,253 INFO L225 Difference]: With dead ends: 331 [2022-12-14 15:25:08,253 INFO L226 Difference]: Without dead ends: 220 [2022-12-14 15:25:08,254 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2022-12-14 15:25:08,255 INFO L413 NwaCegarLoop]: 72 mSDtfsCounter, 52 mSDsluCounter, 245 mSDsCounter, 0 mSdLazyCounter, 111 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 55 SdHoareTripleChecker+Valid, 317 SdHoareTripleChecker+Invalid, 112 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 111 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-12-14 15:25:08,255 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [55 Valid, 317 Invalid, 112 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 111 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-12-14 15:25:08,256 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 220 states. [2022-12-14 15:25:08,274 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 220 to 212. [2022-12-14 15:25:08,275 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 212 states, 131 states have (on average 1.3358778625954197) internal successors, (175), 158 states have internal predecessors, (175), 50 states have call successors, (50), 30 states have call predecessors, (50), 30 states have return successors, (50), 36 states have call predecessors, (50), 50 states have call successors, (50) [2022-12-14 15:25:08,276 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 212 states to 212 states and 275 transitions. [2022-12-14 15:25:08,276 INFO L78 Accepts]: Start accepts. Automaton has 212 states and 275 transitions. Word has length 24 [2022-12-14 15:25:08,276 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-12-14 15:25:08,276 INFO L495 AbstractCegarLoop]: Abstraction has 212 states and 275 transitions. [2022-12-14 15:25:08,277 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 4.2) internal successors, (21), 4 states have internal predecessors, (21), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-12-14 15:25:08,277 INFO L276 IsEmpty]: Start isEmpty. Operand 212 states and 275 transitions. [2022-12-14 15:25:08,278 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 28 [2022-12-14 15:25:08,278 INFO L187 NwaCegarLoop]: Found error trace [2022-12-14 15:25:08,278 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-12-14 15:25:08,278 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-12-14 15:25:08,278 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-12-14 15:25:08,279 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-12-14 15:25:08,279 INFO L85 PathProgramCache]: Analyzing trace with hash -1246008080, now seen corresponding path program 1 times [2022-12-14 15:25:08,279 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-12-14 15:25:08,279 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [848164817] [2022-12-14 15:25:08,279 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-12-14 15:25:08,279 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-12-14 15:25:08,290 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-12-14 15:25:08,331 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-12-14 15:25:08,331 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-12-14 15:25:08,331 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [848164817] [2022-12-14 15:25:08,331 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [848164817] provided 1 perfect and 0 imperfect interpolant sequences [2022-12-14 15:25:08,331 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-12-14 15:25:08,331 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-12-14 15:25:08,332 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [693572177] [2022-12-14 15:25:08,332 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-12-14 15:25:08,332 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-12-14 15:25:08,332 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-12-14 15:25:08,333 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-12-14 15:25:08,333 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-12-14 15:25:08,333 INFO L87 Difference]: Start difference. First operand 212 states and 275 transitions. Second operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-12-14 15:25:08,389 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-12-14 15:25:08,389 INFO L93 Difference]: Finished difference Result 323 states and 424 transitions. [2022-12-14 15:25:08,390 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-12-14 15:25:08,390 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 27 [2022-12-14 15:25:08,390 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-12-14 15:25:08,392 INFO L225 Difference]: With dead ends: 323 [2022-12-14 15:25:08,392 INFO L226 Difference]: Without dead ends: 321 [2022-12-14 15:25:08,392 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-12-14 15:25:08,393 INFO L413 NwaCegarLoop]: 73 mSDtfsCounter, 51 mSDsluCounter, 58 mSDsCounter, 0 mSdLazyCounter, 31 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 51 SdHoareTripleChecker+Valid, 131 SdHoareTripleChecker+Invalid, 36 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 31 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-12-14 15:25:08,393 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [51 Valid, 131 Invalid, 36 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 31 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-12-14 15:25:08,394 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 321 states. [2022-12-14 15:25:08,417 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 321 to 321. [2022-12-14 15:25:08,417 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 321 states, 198 states have (on average 1.3383838383838385) internal successors, (265), 239 states have internal predecessors, (265), 76 states have call successors, (76), 46 states have call predecessors, (76), 46 states have return successors, (80), 55 states have call predecessors, (80), 76 states have call successors, (80) [2022-12-14 15:25:08,419 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 321 states to 321 states and 421 transitions. [2022-12-14 15:25:08,419 INFO L78 Accepts]: Start accepts. Automaton has 321 states and 421 transitions. Word has length 27 [2022-12-14 15:25:08,419 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-12-14 15:25:08,419 INFO L495 AbstractCegarLoop]: Abstraction has 321 states and 421 transitions. [2022-12-14 15:25:08,419 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-12-14 15:25:08,420 INFO L276 IsEmpty]: Start isEmpty. Operand 321 states and 421 transitions. [2022-12-14 15:25:08,421 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 49 [2022-12-14 15:25:08,422 INFO L187 NwaCegarLoop]: Found error trace [2022-12-14 15:25:08,422 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-12-14 15:25:08,422 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-12-14 15:25:08,422 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-12-14 15:25:08,422 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-12-14 15:25:08,422 INFO L85 PathProgramCache]: Analyzing trace with hash 800761194, now seen corresponding path program 1 times [2022-12-14 15:25:08,423 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-12-14 15:25:08,423 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [944323163] [2022-12-14 15:25:08,423 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-12-14 15:25:08,423 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-12-14 15:25:08,437 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-12-14 15:25:08,580 INFO L134 CoverageAnalysis]: Checked inductivity of 19 backedges. 17 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-12-14 15:25:08,580 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-12-14 15:25:08,580 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [944323163] [2022-12-14 15:25:08,581 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [944323163] provided 1 perfect and 0 imperfect interpolant sequences [2022-12-14 15:25:08,581 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-12-14 15:25:08,581 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-12-14 15:25:08,581 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1250999606] [2022-12-14 15:25:08,581 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-12-14 15:25:08,582 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-12-14 15:25:08,582 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-12-14 15:25:08,582 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-12-14 15:25:08,582 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-12-14 15:25:08,583 INFO L87 Difference]: Start difference. First operand 321 states and 421 transitions. Second operand has 6 states, 6 states have (on average 6.333333333333333) internal successors, (38), 6 states have internal predecessors, (38), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2022-12-14 15:25:08,968 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-12-14 15:25:08,968 INFO L93 Difference]: Finished difference Result 1038 states and 1380 transitions. [2022-12-14 15:25:08,968 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 12 states. [2022-12-14 15:25:08,969 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.333333333333333) internal successors, (38), 6 states have internal predecessors, (38), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) Word has length 48 [2022-12-14 15:25:08,969 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-12-14 15:25:08,973 INFO L225 Difference]: With dead ends: 1038 [2022-12-14 15:25:08,973 INFO L226 Difference]: Without dead ends: 719 [2022-12-14 15:25:08,976 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 17 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=45, Invalid=111, Unknown=0, NotChecked=0, Total=156 [2022-12-14 15:25:08,977 INFO L413 NwaCegarLoop]: 69 mSDtfsCounter, 121 mSDsluCounter, 145 mSDsCounter, 0 mSdLazyCounter, 250 mSolverCounterSat, 65 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 122 SdHoareTripleChecker+Valid, 214 SdHoareTripleChecker+Invalid, 315 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 65 IncrementalHoareTripleChecker+Valid, 250 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-12-14 15:25:08,978 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [122 Valid, 214 Invalid, 315 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [65 Valid, 250 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-12-14 15:25:08,979 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 719 states. [2022-12-14 15:25:09,058 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 719 to 664. [2022-12-14 15:25:09,059 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 664 states, 436 states have (on average 1.2454128440366972) internal successors, (543), 475 states have internal predecessors, (543), 116 states have call successors, (116), 95 states have call predecessors, (116), 111 states have return successors, (162), 117 states have call predecessors, (162), 116 states have call successors, (162) [2022-12-14 15:25:09,062 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 664 states to 664 states and 821 transitions. [2022-12-14 15:25:09,062 INFO L78 Accepts]: Start accepts. Automaton has 664 states and 821 transitions. Word has length 48 [2022-12-14 15:25:09,062 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-12-14 15:25:09,062 INFO L495 AbstractCegarLoop]: Abstraction has 664 states and 821 transitions. [2022-12-14 15:25:09,062 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.333333333333333) internal successors, (38), 6 states have internal predecessors, (38), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2022-12-14 15:25:09,062 INFO L276 IsEmpty]: Start isEmpty. Operand 664 states and 821 transitions. [2022-12-14 15:25:09,064 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 65 [2022-12-14 15:25:09,065 INFO L187 NwaCegarLoop]: Found error trace [2022-12-14 15:25:09,065 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-12-14 15:25:09,065 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-12-14 15:25:09,065 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-12-14 15:25:09,066 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-12-14 15:25:09,066 INFO L85 PathProgramCache]: Analyzing trace with hash 1304590327, now seen corresponding path program 1 times [2022-12-14 15:25:09,066 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-12-14 15:25:09,066 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [817621467] [2022-12-14 15:25:09,066 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-12-14 15:25:09,066 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-12-14 15:25:09,075 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-12-14 15:25:09,101 INFO L134 CoverageAnalysis]: Checked inductivity of 23 backedges. 17 proven. 0 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2022-12-14 15:25:09,101 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-12-14 15:25:09,101 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [817621467] [2022-12-14 15:25:09,101 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [817621467] provided 1 perfect and 0 imperfect interpolant sequences [2022-12-14 15:25:09,102 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-12-14 15:25:09,102 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-12-14 15:25:09,102 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2005559604] [2022-12-14 15:25:09,102 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-12-14 15:25:09,102 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-12-14 15:25:09,102 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-12-14 15:25:09,103 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-12-14 15:25:09,103 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-12-14 15:25:09,103 INFO L87 Difference]: Start difference. First operand 664 states and 821 transitions. Second operand has 4 states, 3 states have (on average 15.666666666666666) internal successors, (47), 4 states have internal predecessors, (47), 4 states have call successors, (8), 2 states have call predecessors, (8), 2 states have return successors, (7), 3 states have call predecessors, (7), 4 states have call successors, (7) [2022-12-14 15:25:09,201 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-12-14 15:25:09,202 INFO L93 Difference]: Finished difference Result 1061 states and 1314 transitions. [2022-12-14 15:25:09,202 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-12-14 15:25:09,202 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 3 states have (on average 15.666666666666666) internal successors, (47), 4 states have internal predecessors, (47), 4 states have call successors, (8), 2 states have call predecessors, (8), 2 states have return successors, (7), 3 states have call predecessors, (7), 4 states have call successors, (7) Word has length 64 [2022-12-14 15:25:09,202 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-12-14 15:25:09,204 INFO L225 Difference]: With dead ends: 1061 [2022-12-14 15:25:09,204 INFO L226 Difference]: Without dead ends: 399 [2022-12-14 15:25:09,205 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-12-14 15:25:09,206 INFO L413 NwaCegarLoop]: 82 mSDtfsCounter, 92 mSDsluCounter, 48 mSDsCounter, 0 mSdLazyCounter, 86 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 92 SdHoareTripleChecker+Valid, 130 SdHoareTripleChecker+Invalid, 90 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 86 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-12-14 15:25:09,206 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [92 Valid, 130 Invalid, 90 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 86 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-12-14 15:25:09,206 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 399 states. [2022-12-14 15:25:09,232 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 399 to 382. [2022-12-14 15:25:09,232 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 382 states, 254 states have (on average 1.236220472440945) internal successors, (314), 276 states have internal predecessors, (314), 64 states have call successors, (64), 55 states have call predecessors, (64), 63 states have return successors, (87), 66 states have call predecessors, (87), 64 states have call successors, (87) [2022-12-14 15:25:09,234 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 382 states to 382 states and 465 transitions. [2022-12-14 15:25:09,234 INFO L78 Accepts]: Start accepts. Automaton has 382 states and 465 transitions. Word has length 64 [2022-12-14 15:25:09,234 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-12-14 15:25:09,234 INFO L495 AbstractCegarLoop]: Abstraction has 382 states and 465 transitions. [2022-12-14 15:25:09,234 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 3 states have (on average 15.666666666666666) internal successors, (47), 4 states have internal predecessors, (47), 4 states have call successors, (8), 2 states have call predecessors, (8), 2 states have return successors, (7), 3 states have call predecessors, (7), 4 states have call successors, (7) [2022-12-14 15:25:09,234 INFO L276 IsEmpty]: Start isEmpty. Operand 382 states and 465 transitions. [2022-12-14 15:25:09,235 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 75 [2022-12-14 15:25:09,235 INFO L187 NwaCegarLoop]: Found error trace [2022-12-14 15:25:09,236 INFO L195 NwaCegarLoop]: trace histogram [4, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-12-14 15:25:09,236 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2022-12-14 15:25:09,236 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-12-14 15:25:09,236 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-12-14 15:25:09,236 INFO L85 PathProgramCache]: Analyzing trace with hash -1728748684, now seen corresponding path program 1 times [2022-12-14 15:25:09,236 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-12-14 15:25:09,236 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [238858308] [2022-12-14 15:25:09,236 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-12-14 15:25:09,237 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-12-14 15:25:09,247 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-12-14 15:25:09,511 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 9 proven. 14 refuted. 0 times theorem prover too weak. 11 trivial. 0 not checked. [2022-12-14 15:25:09,512 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-12-14 15:25:09,512 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [238858308] [2022-12-14 15:25:09,512 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [238858308] provided 0 perfect and 1 imperfect interpolant sequences [2022-12-14 15:25:09,512 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1685098219] [2022-12-14 15:25:09,512 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-12-14 15:25:09,512 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-12-14 15:25:09,512 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7bc8b218-51f3-49bb-8305-e967773720e4/bin/utaipan-gh47qXpMRh/z3 [2022-12-14 15:25:09,513 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7bc8b218-51f3-49bb-8305-e967773720e4/bin/utaipan-gh47qXpMRh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-12-14 15:25:09,514 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7bc8b218-51f3-49bb-8305-e967773720e4/bin/utaipan-gh47qXpMRh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-12-14 15:25:09,598 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-12-14 15:25:09,601 INFO L263 TraceCheckSpWp]: Trace formula consists of 326 conjuncts, 31 conjunts are in the unsatisfiable core [2022-12-14 15:25:09,607 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-12-14 15:25:09,942 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 30 proven. 2 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-12-14 15:25:09,943 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-12-14 15:25:10,425 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 18 proven. 7 refuted. 0 times theorem prover too weak. 9 trivial. 0 not checked. [2022-12-14 15:25:10,426 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1685098219] provided 0 perfect and 2 imperfect interpolant sequences [2022-12-14 15:25:10,426 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1410007020] [2022-12-14 15:25:10,446 INFO L159 IcfgInterpreter]: Started Sifa with 47 locations of interest [2022-12-14 15:25:10,446 INFO L166 IcfgInterpreter]: Building call graph [2022-12-14 15:25:10,450 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-12-14 15:25:10,456 INFO L176 IcfgInterpreter]: Starting interpretation [2022-12-14 15:25:10,456 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-12-14 15:25:12,914 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 34 for LOIs [2022-12-14 15:25:13,112 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__methaneQuery with input of size 28 for LOIs [2022-12-14 15:25:13,185 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneAlarm with input of size 53 for LOIs [2022-12-14 15:25:13,250 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneLevelCritical with input of size 27 for LOIs [2022-12-14 15:25:13,252 INFO L197 IcfgInterpreter]: Interpreting procedure changeMethaneLevel with input of size 140 for LOIs [2022-12-14 15:25:13,267 INFO L197 IcfgInterpreter]: Interpreting procedure deactivatePump with input of size 29 for LOIs [2022-12-14 15:25:13,269 INFO L180 IcfgInterpreter]: Interpretation finished [2022-12-14 15:25:19,204 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '8130#(and (= |timeShift_isPumpRunning_#res#1| |timeShift___utac_acc__Specification2_spec__2_~tmp___0~2#1|) (= ~pumpRunning~0 |timeShift_isPumpRunning_~retValue_acc~6#1|) (<= ~methaneLevelCritical~0 1) (<= 0 |old(~pumpRunning~0)|) (<= ~pumpRunning~0 1) (<= |old(~pumpRunning~0)| 1) (= ~head~0.offset 0) (<= |#NULL.offset| 0) (= 1 ~systemActive~0) (<= 0 ~methAndRunningLastTime~0) (<= 0 |old(~methAndRunningLastTime~0)|) (<= |old(~methAndRunningLastTime~0)| 1) (<= 0 ~head~0.base) (= |timeShift_isPumpRunning_#res#1| |timeShift_isPumpRunning_~retValue_acc~6#1|) (not (= |timeShift___utac_acc__Specification2_spec__2_~tmp___0~2#1| 0)) (<= 0 ~pumpRunning~0) (<= ~head~0.base 0) (<= 0 |timeShift___utac_acc__Specification2_spec__2_~tmp~5#1|) (= |timeShift___utac_acc__Specification2_spec__2_~tmp~5#1| ~methaneLevelCritical~0) (<= 0 |#NULL.offset|) (not (= ~methAndRunningLastTime~0 0)) (<= ~methAndRunningLastTime~0 1) (<= 0 |#StackHeapBarrier|) (not (= |timeShift___utac_acc__Specification2_spec__2_~tmp~5#1| 0)) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-12-14 15:25:19,204 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-12-14 15:25:19,204 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-12-14 15:25:19,204 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [17, 12, 11] total 34 [2022-12-14 15:25:19,204 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [811269703] [2022-12-14 15:25:19,204 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-12-14 15:25:19,205 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 34 states [2022-12-14 15:25:19,205 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-12-14 15:25:19,206 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 34 interpolants. [2022-12-14 15:25:19,209 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=472, Invalid=4358, Unknown=0, NotChecked=0, Total=4830 [2022-12-14 15:25:19,210 INFO L87 Difference]: Start difference. First operand 382 states and 465 transitions. Second operand has 34 states, 23 states have (on average 4.086956521739131) internal successors, (94), 25 states have internal predecessors, (94), 10 states have call successors, (22), 6 states have call predecessors, (22), 17 states have return successors, (25), 15 states have call predecessors, (25), 10 states have call successors, (25) [2022-12-14 15:25:22,932 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-12-14 15:25:22,932 INFO L93 Difference]: Finished difference Result 1538 states and 2116 transitions. [2022-12-14 15:25:22,933 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 88 states. [2022-12-14 15:25:22,933 INFO L78 Accepts]: Start accepts. Automaton has has 34 states, 23 states have (on average 4.086956521739131) internal successors, (94), 25 states have internal predecessors, (94), 10 states have call successors, (22), 6 states have call predecessors, (22), 17 states have return successors, (25), 15 states have call predecessors, (25), 10 states have call successors, (25) Word has length 74 [2022-12-14 15:25:22,933 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-12-14 15:25:22,937 INFO L225 Difference]: With dead ends: 1538 [2022-12-14 15:25:22,937 INFO L226 Difference]: Without dead ends: 1158 [2022-12-14 15:25:22,941 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 351 GetRequests, 195 SyntacticMatches, 2 SemanticMatches, 154 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 8850 ImplicationChecksByTransitivity, 8.1s TimeCoverageRelationStatistics Valid=2276, Invalid=21904, Unknown=0, NotChecked=0, Total=24180 [2022-12-14 15:25:22,942 INFO L413 NwaCegarLoop]: 98 mSDtfsCounter, 2127 mSDsluCounter, 1056 mSDsCounter, 0 mSdLazyCounter, 4268 mSolverCounterSat, 1510 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 2127 SdHoareTripleChecker+Valid, 1154 SdHoareTripleChecker+Invalid, 5778 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1510 IncrementalHoareTripleChecker+Valid, 4268 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.7s IncrementalHoareTripleChecker+Time [2022-12-14 15:25:22,942 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [2127 Valid, 1154 Invalid, 5778 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1510 Valid, 4268 Invalid, 0 Unknown, 0 Unchecked, 1.7s Time] [2022-12-14 15:25:22,943 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1158 states. [2022-12-14 15:25:22,989 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1158 to 649. [2022-12-14 15:25:22,990 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 649 states, 430 states have (on average 1.2186046511627906) internal successors, (524), 466 states have internal predecessors, (524), 111 states have call successors, (111), 95 states have call predecessors, (111), 107 states have return successors, (146), 112 states have call predecessors, (146), 111 states have call successors, (146) [2022-12-14 15:25:22,992 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 649 states to 649 states and 781 transitions. [2022-12-14 15:25:22,993 INFO L78 Accepts]: Start accepts. Automaton has 649 states and 781 transitions. Word has length 74 [2022-12-14 15:25:22,993 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-12-14 15:25:22,993 INFO L495 AbstractCegarLoop]: Abstraction has 649 states and 781 transitions. [2022-12-14 15:25:22,993 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 34 states, 23 states have (on average 4.086956521739131) internal successors, (94), 25 states have internal predecessors, (94), 10 states have call successors, (22), 6 states have call predecessors, (22), 17 states have return successors, (25), 15 states have call predecessors, (25), 10 states have call successors, (25) [2022-12-14 15:25:22,993 INFO L276 IsEmpty]: Start isEmpty. Operand 649 states and 781 transitions. [2022-12-14 15:25:22,994 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 77 [2022-12-14 15:25:22,994 INFO L187 NwaCegarLoop]: Found error trace [2022-12-14 15:25:22,995 INFO L195 NwaCegarLoop]: trace histogram [4, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-12-14 15:25:23,000 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7bc8b218-51f3-49bb-8305-e967773720e4/bin/utaipan-gh47qXpMRh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-12-14 15:25:23,195 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7bc8b218-51f3-49bb-8305-e967773720e4/bin/utaipan-gh47qXpMRh/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable7 [2022-12-14 15:25:23,197 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-12-14 15:25:23,198 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-12-14 15:25:23,198 INFO L85 PathProgramCache]: Analyzing trace with hash 1806301788, now seen corresponding path program 1 times [2022-12-14 15:25:23,199 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-12-14 15:25:23,199 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [708239447] [2022-12-14 15:25:23,199 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-12-14 15:25:23,200 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-12-14 15:25:23,239 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-12-14 15:25:23,516 INFO L134 CoverageAnalysis]: Checked inductivity of 42 backedges. 19 proven. 5 refuted. 0 times theorem prover too weak. 18 trivial. 0 not checked. [2022-12-14 15:25:23,516 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-12-14 15:25:23,516 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [708239447] [2022-12-14 15:25:23,517 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [708239447] provided 0 perfect and 1 imperfect interpolant sequences [2022-12-14 15:25:23,517 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [748341601] [2022-12-14 15:25:23,517 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-12-14 15:25:23,517 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-12-14 15:25:23,517 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7bc8b218-51f3-49bb-8305-e967773720e4/bin/utaipan-gh47qXpMRh/z3 [2022-12-14 15:25:23,518 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7bc8b218-51f3-49bb-8305-e967773720e4/bin/utaipan-gh47qXpMRh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-12-14 15:25:23,519 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7bc8b218-51f3-49bb-8305-e967773720e4/bin/utaipan-gh47qXpMRh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2022-12-14 15:25:23,585 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-12-14 15:25:23,587 INFO L263 TraceCheckSpWp]: Trace formula consists of 344 conjuncts, 47 conjunts are in the unsatisfiable core [2022-12-14 15:25:23,590 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-12-14 15:25:23,790 INFO L134 CoverageAnalysis]: Checked inductivity of 42 backedges. 33 proven. 7 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-12-14 15:25:23,790 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-12-14 15:25:24,142 INFO L134 CoverageAnalysis]: Checked inductivity of 42 backedges. 25 proven. 6 refuted. 0 times theorem prover too weak. 11 trivial. 0 not checked. [2022-12-14 15:25:24,142 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [748341601] provided 0 perfect and 2 imperfect interpolant sequences [2022-12-14 15:25:24,143 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1998234687] [2022-12-14 15:25:24,145 INFO L159 IcfgInterpreter]: Started Sifa with 41 locations of interest [2022-12-14 15:25:24,145 INFO L166 IcfgInterpreter]: Building call graph [2022-12-14 15:25:24,146 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-12-14 15:25:24,146 INFO L176 IcfgInterpreter]: Starting interpretation [2022-12-14 15:25:24,146 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-12-14 15:25:26,212 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 50 for LOIs [2022-12-14 15:25:26,448 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__methaneQuery with input of size 30 for LOIs [2022-12-14 15:25:26,545 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneAlarm with input of size 29 for LOIs [2022-12-14 15:25:26,563 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneLevelCritical with input of size 46 for LOIs [2022-12-14 15:25:26,567 INFO L197 IcfgInterpreter]: Interpreting procedure changeMethaneLevel with input of size 141 for LOIs [2022-12-14 15:25:26,581 INFO L180 IcfgInterpreter]: Interpretation finished [2022-12-14 15:25:33,284 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '12096#(and (= |timeShift_isPumpRunning_#res#1| |timeShift___utac_acc__Specification2_spec__2_~tmp___0~2#1|) (= ~pumpRunning~0 |timeShift_isPumpRunning_~retValue_acc~6#1|) (<= ~methaneLevelCritical~0 1) (<= ~pumpRunning~0 1) (= ~head~0.offset 0) (<= 1 ~systemActive~0) (<= |#NULL.offset| 0) (= |old(~pumpRunning~0)| 0) (<= 2 |old(~waterLevel~0)|) (<= 0 |old(~methAndRunningLastTime~0)|) (<= 0 ~head~0.base) (= |timeShift_isPumpRunning_#res#1| |timeShift_isPumpRunning_~retValue_acc~6#1|) (not (= |timeShift___utac_acc__Specification2_spec__2_~tmp___0~2#1| 0)) (= |old(~waterLevel~0)| ~waterLevel~0) (<= 0 ~pumpRunning~0) (<= ~head~0.base 0) (<= 0 |timeShift___utac_acc__Specification2_spec__2_~tmp~5#1|) (= |old(~methAndRunningLastTime~0)| ~methAndRunningLastTime~0) (= |timeShift___utac_acc__Specification2_spec__2_~tmp~5#1| ~methaneLevelCritical~0) (<= 0 |#NULL.offset|) (not (= ~methAndRunningLastTime~0 0)) (<= ~methAndRunningLastTime~0 1) (<= 0 |#StackHeapBarrier|) (not (= |timeShift___utac_acc__Specification2_spec__2_~tmp~5#1| 0)) (<= ~systemActive~0 1) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-12-14 15:25:33,284 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-12-14 15:25:33,285 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-12-14 15:25:33,285 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 16, 13] total 33 [2022-12-14 15:25:33,285 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1713601521] [2022-12-14 15:25:33,285 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-12-14 15:25:33,286 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 33 states [2022-12-14 15:25:33,286 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-12-14 15:25:33,287 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 33 interpolants. [2022-12-14 15:25:33,288 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=425, Invalid=3735, Unknown=0, NotChecked=0, Total=4160 [2022-12-14 15:25:33,288 INFO L87 Difference]: Start difference. First operand 649 states and 781 transitions. Second operand has 33 states, 24 states have (on average 4.333333333333333) internal successors, (104), 24 states have internal predecessors, (104), 11 states have call successors, (22), 6 states have call predecessors, (22), 14 states have return successors, (24), 15 states have call predecessors, (24), 11 states have call successors, (24) [2022-12-14 15:25:41,127 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-12-14 15:25:41,127 INFO L93 Difference]: Finished difference Result 2686 states and 3378 transitions. [2022-12-14 15:25:41,127 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 213 states. [2022-12-14 15:25:41,128 INFO L78 Accepts]: Start accepts. Automaton has has 33 states, 24 states have (on average 4.333333333333333) internal successors, (104), 24 states have internal predecessors, (104), 11 states have call successors, (22), 6 states have call predecessors, (22), 14 states have return successors, (24), 15 states have call predecessors, (24), 11 states have call successors, (24) Word has length 76 [2022-12-14 15:25:41,128 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-12-14 15:25:41,133 INFO L225 Difference]: With dead ends: 2686 [2022-12-14 15:25:41,133 INFO L226 Difference]: Without dead ends: 2009 [2022-12-14 15:25:41,142 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 490 GetRequests, 223 SyntacticMatches, 4 SemanticMatches, 263 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 29240 ImplicationChecksByTransitivity, 12.0s TimeCoverageRelationStatistics Valid=5387, Invalid=64573, Unknown=0, NotChecked=0, Total=69960 [2022-12-14 15:25:41,142 INFO L413 NwaCegarLoop]: 210 mSDtfsCounter, 2013 mSDsluCounter, 2044 mSDsCounter, 0 mSdLazyCounter, 6387 mSolverCounterSat, 1493 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 2.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 2016 SdHoareTripleChecker+Valid, 2254 SdHoareTripleChecker+Invalid, 7880 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1493 IncrementalHoareTripleChecker+Valid, 6387 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 2.4s IncrementalHoareTripleChecker+Time [2022-12-14 15:25:41,142 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [2016 Valid, 2254 Invalid, 7880 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1493 Valid, 6387 Invalid, 0 Unknown, 0 Unchecked, 2.4s Time] [2022-12-14 15:25:41,144 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 2009 states. [2022-12-14 15:25:41,267 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 2009 to 1511. [2022-12-14 15:25:41,269 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1511 states, 1024 states have (on average 1.201171875) internal successors, (1230), 1096 states have internal predecessors, (1230), 249 states have call successors, (249), 219 states have call predecessors, (249), 237 states have return successors, (321), 237 states have call predecessors, (321), 249 states have call successors, (321) [2022-12-14 15:25:41,272 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1511 states to 1511 states and 1800 transitions. [2022-12-14 15:25:41,273 INFO L78 Accepts]: Start accepts. Automaton has 1511 states and 1800 transitions. Word has length 76 [2022-12-14 15:25:41,273 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-12-14 15:25:41,273 INFO L495 AbstractCegarLoop]: Abstraction has 1511 states and 1800 transitions. [2022-12-14 15:25:41,273 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 33 states, 24 states have (on average 4.333333333333333) internal successors, (104), 24 states have internal predecessors, (104), 11 states have call successors, (22), 6 states have call predecessors, (22), 14 states have return successors, (24), 15 states have call predecessors, (24), 11 states have call successors, (24) [2022-12-14 15:25:41,273 INFO L276 IsEmpty]: Start isEmpty. Operand 1511 states and 1800 transitions. [2022-12-14 15:25:41,276 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 120 [2022-12-14 15:25:41,276 INFO L187 NwaCegarLoop]: Found error trace [2022-12-14 15:25:41,276 INFO L195 NwaCegarLoop]: trace histogram [6, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-12-14 15:25:41,281 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7bc8b218-51f3-49bb-8305-e967773720e4/bin/utaipan-gh47qXpMRh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2022-12-14 15:25:41,477 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8,3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7bc8b218-51f3-49bb-8305-e967773720e4/bin/utaipan-gh47qXpMRh/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-12-14 15:25:41,477 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-12-14 15:25:41,477 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-12-14 15:25:41,478 INFO L85 PathProgramCache]: Analyzing trace with hash -1387688054, now seen corresponding path program 1 times [2022-12-14 15:25:41,478 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-12-14 15:25:41,478 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1697977890] [2022-12-14 15:25:41,478 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-12-14 15:25:41,478 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-12-14 15:25:41,488 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-12-14 15:25:41,650 INFO L134 CoverageAnalysis]: Checked inductivity of 113 backedges. 42 proven. 16 refuted. 0 times theorem prover too weak. 55 trivial. 0 not checked. [2022-12-14 15:25:41,650 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-12-14 15:25:41,650 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1697977890] [2022-12-14 15:25:41,650 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1697977890] provided 0 perfect and 1 imperfect interpolant sequences [2022-12-14 15:25:41,650 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [957518068] [2022-12-14 15:25:41,650 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-12-14 15:25:41,651 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-12-14 15:25:41,651 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7bc8b218-51f3-49bb-8305-e967773720e4/bin/utaipan-gh47qXpMRh/z3 [2022-12-14 15:25:41,651 INFO L229 MonitoredProcess]: Starting monitored process 4 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7bc8b218-51f3-49bb-8305-e967773720e4/bin/utaipan-gh47qXpMRh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-12-14 15:25:41,652 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7bc8b218-51f3-49bb-8305-e967773720e4/bin/utaipan-gh47qXpMRh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2022-12-14 15:25:41,716 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-12-14 15:25:41,717 INFO L263 TraceCheckSpWp]: Trace formula consists of 438 conjuncts, 27 conjunts are in the unsatisfiable core [2022-12-14 15:25:41,720 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-12-14 15:25:41,790 INFO L134 CoverageAnalysis]: Checked inductivity of 113 backedges. 82 proven. 0 refuted. 0 times theorem prover too weak. 31 trivial. 0 not checked. [2022-12-14 15:25:41,790 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-12-14 15:25:41,790 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [957518068] provided 1 perfect and 0 imperfect interpolant sequences [2022-12-14 15:25:41,790 INFO L184 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2022-12-14 15:25:41,790 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [11] imperfect sequences [13] total 20 [2022-12-14 15:25:41,791 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [513255008] [2022-12-14 15:25:41,791 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-12-14 15:25:41,791 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 11 states [2022-12-14 15:25:41,791 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-12-14 15:25:41,791 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 11 interpolants. [2022-12-14 15:25:41,791 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=45, Invalid=335, Unknown=0, NotChecked=0, Total=380 [2022-12-14 15:25:41,792 INFO L87 Difference]: Start difference. First operand 1511 states and 1800 transitions. Second operand has 11 states, 8 states have (on average 8.375) internal successors, (67), 8 states have internal predecessors, (67), 3 states have call successors, (16), 3 states have call predecessors, (16), 6 states have return successors, (17), 6 states have call predecessors, (17), 3 states have call successors, (17) [2022-12-14 15:25:42,125 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-12-14 15:25:42,125 INFO L93 Difference]: Finished difference Result 2695 states and 3225 transitions. [2022-12-14 15:25:42,126 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 18 states. [2022-12-14 15:25:42,126 INFO L78 Accepts]: Start accepts. Automaton has has 11 states, 8 states have (on average 8.375) internal successors, (67), 8 states have internal predecessors, (67), 3 states have call successors, (16), 3 states have call predecessors, (16), 6 states have return successors, (17), 6 states have call predecessors, (17), 3 states have call successors, (17) Word has length 119 [2022-12-14 15:25:42,126 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-12-14 15:25:42,127 INFO L225 Difference]: With dead ends: 2695 [2022-12-14 15:25:42,127 INFO L226 Difference]: Without dead ends: 0 [2022-12-14 15:25:42,130 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 144 GetRequests, 118 SyntacticMatches, 0 SemanticMatches, 26 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 95 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=85, Invalid=671, Unknown=0, NotChecked=0, Total=756 [2022-12-14 15:25:42,130 INFO L413 NwaCegarLoop]: 114 mSDtfsCounter, 50 mSDsluCounter, 655 mSDsCounter, 0 mSdLazyCounter, 508 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 55 SdHoareTripleChecker+Valid, 769 SdHoareTripleChecker+Invalid, 513 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 508 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-12-14 15:25:42,130 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [55 Valid, 769 Invalid, 513 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 508 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-12-14 15:25:42,131 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-12-14 15:25:42,131 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-12-14 15:25:42,131 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-12-14 15:25:42,131 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-12-14 15:25:42,131 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 119 [2022-12-14 15:25:42,131 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-12-14 15:25:42,131 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-12-14 15:25:42,131 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 11 states, 8 states have (on average 8.375) internal successors, (67), 8 states have internal predecessors, (67), 3 states have call successors, (16), 3 states have call predecessors, (16), 6 states have return successors, (17), 6 states have call predecessors, (17), 3 states have call successors, (17) [2022-12-14 15:25:42,132 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-12-14 15:25:42,132 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-12-14 15:25:42,133 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-12-14 15:25:42,138 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7bc8b218-51f3-49bb-8305-e967773720e4/bin/utaipan-gh47qXpMRh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Ended with exit code 0 [2022-12-14 15:25:42,334 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 4 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7bc8b218-51f3-49bb-8305-e967773720e4/bin/utaipan-gh47qXpMRh/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2022-12-14 15:25:42,337 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-12-14 15:25:56,114 INFO L899 garLoopResultBuilder]: For program point deactivatePumpEXIT(lines 378 385) no Hoare annotation was computed. [2022-12-14 15:25:56,114 INFO L895 garLoopResultBuilder]: At program point $Ultimate##0(lines 378 385) the Hoare annotation is: (let ((.cse1 (= 0 ~systemActive~0))) (let ((.cse0 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (not .cse1)))) (and (or .cse0 (not (= ~methaneLevelCritical~0 0)) .cse1) (or .cse0 (not (= ~methaneLevelCritical~0 1)) .cse1)))) [2022-12-14 15:25:56,114 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 294 300) no Hoare annotation was computed. [2022-12-14 15:25:56,114 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 294 300) the Hoare annotation is: true [2022-12-14 15:25:56,114 INFO L895 garLoopResultBuilder]: At program point $Ultimate##0(lines 83 94) the Hoare annotation is: (let ((.cse7 (= ~methaneLevelCritical~0 1)) (.cse8 (not (= |old(~methaneLevelCritical~0)| 1))) (.cse2 (not (<= 0 ~pumpRunning~0))) (.cse4 (not (<= ~pumpRunning~0 0))) (.cse5 (not (= 0 ~systemActive~0))) (.cse0 (not (= |old(~methaneLevelCritical~0)| 0))) (.cse6 (not (= 1 ~systemActive~0))) (.cse1 (= |old(~methaneLevelCritical~0)| ~methaneLevelCritical~0)) (.cse3 (not (= ~methAndRunningLastTime~0 0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (or .cse6 .cse7 .cse8) (or .cse7 .cse8 .cse2 .cse3 .cse4 .cse5) (or .cse0 .cse6 .cse1 .cse3))) [2022-12-14 15:25:56,114 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 83 94) no Hoare annotation was computed. [2022-12-14 15:25:56,114 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 901 930) no Hoare annotation was computed. [2022-12-14 15:25:56,114 INFO L902 garLoopResultBuilder]: At program point L926(lines 901 930) the Hoare annotation is: true [2022-12-14 15:25:56,115 INFO L899 garLoopResultBuilder]: For program point L922(line 922) no Hoare annotation was computed. [2022-12-14 15:25:56,115 INFO L899 garLoopResultBuilder]: For program point L915(lines 915 919) no Hoare annotation was computed. [2022-12-14 15:25:56,115 INFO L902 garLoopResultBuilder]: At program point L915-1(lines 915 919) the Hoare annotation is: true [2022-12-14 15:25:56,115 INFO L902 garLoopResultBuilder]: At program point L911-2(lines 911 925) the Hoare annotation is: true [2022-12-14 15:25:56,115 INFO L902 garLoopResultBuilder]: At program point L907(line 907) the Hoare annotation is: true [2022-12-14 15:25:56,115 INFO L899 garLoopResultBuilder]: For program point L907-1(line 907) no Hoare annotation was computed. [2022-12-14 15:25:56,115 INFO L902 garLoopResultBuilder]: At program point $Ultimate##0(lines 901 930) the Hoare annotation is: true [2022-12-14 15:25:56,115 INFO L895 garLoopResultBuilder]: At program point L895(line 895) the Hoare annotation is: (let ((.cse0 (not (<= |old(~pumpRunning~0)| 0))) (.cse2 (not (<= 0 |old(~pumpRunning~0)|))) (.cse3 (not (= 0 ~systemActive~0))) (.cse4 (not (= ~methaneLevelCritical~0 0))) (.cse5 (not (= 1 ~systemActive~0))) (.cse1 (not (= ~methaneLevelCritical~0 1)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse0 .cse4 .cse2 .cse3) (or .cse5 .cse4) (or .cse5 .cse1))) [2022-12-14 15:25:56,115 INFO L899 garLoopResultBuilder]: For program point L507(lines 507 517) no Hoare annotation was computed. [2022-12-14 15:25:56,115 INFO L895 garLoopResultBuilder]: At program point L503(lines 503 520) the Hoare annotation is: (let ((.cse22 (or (<= (+ |old(~pumpRunning~0)| 1) 0) (<= 1 |old(~pumpRunning~0)|))) (.cse11 (= ~methaneLevelCritical~0 1)) (.cse10 (= 1 ~systemActive~0)) (.cse24 (not (= |old(~waterLevel~0)| 1))) (.cse8 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse9 (<= ~pumpRunning~0 0)) (.cse12 (<= 0 ~pumpRunning~0)) (.cse4 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse5 (= ~waterLevel~0 1)) (.cse20 (= |timeShift___utac_acc__Specification2_spec__2_~tmp~5#1| ~methaneLevelCritical~0))) (let ((.cse7 (not (= ~methaneLevelCritical~0 ~systemActive~0))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse18 (and .cse8 .cse9 .cse12 (or .cse4 .cse5) .cse20)) (.cse14 (not (<= |old(~pumpRunning~0)| 0))) (.cse15 (not (<= 0 |old(~pumpRunning~0)|))) (.cse16 (not (= 0 ~systemActive~0))) (.cse13 (not (<= 2 |old(~waterLevel~0)|))) (.cse1 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse6 (= ~methAndRunningLastTime~0 0)) (.cse17 (not (= ~methaneLevelCritical~0 0))) (.cse19 (and .cse24 (<= 2 ~waterLevel~0) .cse20 (= ~pumpRunning~0 1))) (.cse21 (or .cse24 (<= ~waterLevel~0 1))) (.cse2 (not .cse10)) (.cse3 (not .cse11)) (.cse23 (and (= ~pumpRunning~0 0) (not (= |timeShift_processEnvironment_~tmp~2#1| 0)) .cse22 .cse20))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (or .cse1 .cse6 .cse7 .cse3 (and .cse8 .cse9 .cse10 .cse11 .cse12) .cse13) (or .cse1 .cse6 .cse14 .cse7 .cse15 .cse16) (or .cse1 .cse6 .cse2 .cse14 .cse17 .cse15) (or .cse14 .cse18 .cse3 .cse15 .cse16) (or .cse0 .cse1 .cse2 .cse17 .cse4 .cse13) (or .cse14 .cse17 .cse4 .cse15 .cse16 .cse13) (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse13) (or .cse0 .cse1 .cse2 .cse17 .cse4 .cse5) (or .cse14 .cse17 .cse18 .cse15 .cse16) (or .cse1 .cse6 .cse2 .cse17 (not (= |old(~pumpRunning~0)| 1))) (or .cse14 .cse3 .cse4 .cse15 .cse16 .cse13) (or .cse1 .cse6 .cse2 .cse17 .cse19) (or (and .cse8 .cse9 .cse10 .cse12 .cse20 .cse21) .cse2 (and .cse8 .cse22 .cse20) .cse17 .cse19 .cse23) (or (and .cse8 .cse9 .cse10 .cse11 .cse12 .cse20 .cse21) .cse2 .cse3 .cse23)))) [2022-12-14 15:25:56,115 INFO L895 garLoopResultBuilder]: At program point L342(line 342) the Hoare annotation is: (let ((.cse0 (not (<= |old(~pumpRunning~0)| 0))) (.cse2 (not (<= 0 |old(~pumpRunning~0)|))) (.cse3 (not (= 0 ~systemActive~0))) (.cse1 (not (= ~methaneLevelCritical~0 1))) (.cse5 (not (= 1 ~systemActive~0))) (.cse4 (not (= ~methaneLevelCritical~0 0)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse0 .cse4 .cse2 .cse3) (or .cse5 .cse4 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (or (<= (+ |old(~pumpRunning~0)| 1) 0) (<= 1 |old(~pumpRunning~0)|)))) (or .cse5 .cse1) (or (not (= |old(~methAndRunningLastTime~0)| 0)) (= ~methAndRunningLastTime~0 0) .cse5 .cse4))) [2022-12-14 15:25:56,116 INFO L895 garLoopResultBuilder]: At program point L503-1(lines 495 523) the Hoare annotation is: (let ((.cse20 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse22 (= ~waterLevel~0 1)) (.cse2 (= 1 ~systemActive~0)) (.cse6 (not (= |old(~waterLevel~0)| 1)))) (let ((.cse4 (or .cse6 (<= ~waterLevel~0 1))) (.cse10 (not (= |timeShift_processEnvironment_~tmp~2#1| 0))) (.cse13 (= |timeShift___utac_acc__Specification2_spec__2_~tmp___0~2#1| 0)) (.cse8 (or (<= (+ |old(~pumpRunning~0)| 1) 0) (<= 1 |old(~pumpRunning~0)|))) (.cse18 (not (= |old(~pumpRunning~0)| 0))) (.cse19 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse5 (not .cse2)) (.cse0 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse9 (<= ~pumpRunning~0 0)) (.cse1 (= ~methAndRunningLastTime~0 0)) (.cse11 (<= 0 ~pumpRunning~0)) (.cse14 (or .cse20 .cse22)) (.cse3 (= |timeShift___utac_acc__Specification2_spec__2_~tmp~5#1| ~methaneLevelCritical~0)) (.cse7 (not (= ~methaneLevelCritical~0 0))) (.cse12 (not (<= |old(~pumpRunning~0)| 0))) (.cse15 (not (= ~methaneLevelCritical~0 1))) (.cse16 (not (<= 0 |old(~pumpRunning~0)|))) (.cse17 (not (= 0 ~systemActive~0))) (.cse21 (not (<= 2 |old(~waterLevel~0)|)))) (and (or (and .cse0 .cse1 .cse2 .cse3 .cse4) .cse5 (and .cse1 .cse6 (<= 2 ~waterLevel~0) .cse3 (= ~pumpRunning~0 1)) .cse7 (and .cse0 .cse1 .cse8 .cse3) (and .cse9 .cse10 .cse1 .cse2 .cse8 .cse11 .cse3)) (or .cse12 (and .cse0 .cse9 .cse13 .cse1 .cse11 .cse14 .cse3) .cse15 .cse16 .cse17) (or .cse18 .cse19 .cse5 .cse7 .cse20 .cse21) (or .cse18 .cse19 (not (= ~methaneLevelCritical~0 ~systemActive~0)) .cse15 .cse20 .cse22) (or .cse12 .cse7 .cse20 .cse16 .cse17 .cse21) (or .cse18 .cse19 .cse5 .cse15 .cse20 .cse21) (or .cse5 (and .cse0 (= ~pumpRunning~0 0) .cse13 .cse1 .cse2 .cse3 .cse4) .cse15 (and .cse9 .cse10 .cse13 .cse1 .cse2 .cse8 .cse11 .cse3)) (or .cse18 .cse19 .cse5 .cse7 .cse20 .cse22) (or (and .cse0 .cse9 .cse1 .cse11 .cse14 .cse3) .cse12 .cse7 .cse16 .cse17) (or .cse12 .cse15 .cse20 .cse16 .cse17 .cse21)))) [2022-12-14 15:25:56,116 INFO L895 garLoopResultBuilder]: At program point L338(line 338) the Hoare annotation is: (let ((.cse2 (not (= ~methaneLevelCritical~0 1))) (.cse8 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (not (= |timeShift_processEnvironment_~tmp~2#1| 0)) (or (<= (+ |old(~pumpRunning~0)| 1) 0) (<= 1 |old(~pumpRunning~0)|)))) (.cse3 (not (<= |old(~pumpRunning~0)| 0))) (.cse4 (not (<= 0 |old(~pumpRunning~0)|))) (.cse5 (not (= 0 ~systemActive~0))) (.cse0 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse1 (= ~methAndRunningLastTime~0 0)) (.cse6 (not (= 1 ~systemActive~0))) (.cse7 (not (= ~methaneLevelCritical~0 0)))) (and (or .cse0 .cse1 (not (= ~methaneLevelCritical~0 ~systemActive~0)) .cse2) (or .cse3 .cse2 .cse4 .cse5) (or .cse6 .cse7 .cse8) (or .cse6 .cse2 .cse8) (or .cse3 .cse7 .cse4 .cse5) (or .cse0 .cse1 .cse6 .cse7))) [2022-12-14 15:25:56,116 INFO L895 garLoopResultBuilder]: At program point L334(line 334) the Hoare annotation is: (let ((.cse2 (not (= ~methaneLevelCritical~0 1))) (.cse3 (not (<= |old(~pumpRunning~0)| 0))) (.cse4 (not (<= 0 |old(~pumpRunning~0)|))) (.cse5 (not (= 0 ~systemActive~0))) (.cse7 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (or (<= (+ |old(~pumpRunning~0)| 1) 0) (<= 1 |old(~pumpRunning~0)|)))) (.cse0 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse1 (= ~methAndRunningLastTime~0 0)) (.cse6 (not (= 1 ~systemActive~0))) (.cse8 (not (= ~methaneLevelCritical~0 0)))) (and (or .cse0 .cse1 (not (= ~methaneLevelCritical~0 ~systemActive~0)) .cse2) (or .cse3 .cse2 .cse4 .cse5) (or .cse6 .cse2 .cse7) (or .cse3 .cse8 .cse4 .cse5) (or .cse6 .cse8 .cse7) (or .cse0 .cse1 .cse6 .cse8))) [2022-12-14 15:25:56,116 INFO L899 garLoopResultBuilder]: For program point L334-1(line 334) no Hoare annotation was computed. [2022-12-14 15:25:56,116 INFO L899 garLoopResultBuilder]: For program point L508(lines 508 514) no Hoare annotation was computed. [2022-12-14 15:25:56,116 INFO L895 garLoopResultBuilder]: At program point L347(line 347) the Hoare annotation is: (let ((.cse9 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse4 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= ~pumpRunning~0 0) (or (not (= |old(~waterLevel~0)| 1)) (<= ~waterLevel~0 1)))) (.cse1 (and (= ~methAndRunningLastTime~0 0) (or .cse9 (= ~waterLevel~0 1)))) (.cse0 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse2 (not (= 1 ~systemActive~0))) (.cse5 (not (= ~methaneLevelCritical~0 1))) (.cse10 (not (<= 2 |old(~waterLevel~0)|))) (.cse6 (not (<= |old(~pumpRunning~0)| 0))) (.cse3 (not (= ~methaneLevelCritical~0 0))) (.cse7 (not (<= 0 |old(~pumpRunning~0)|))) (.cse8 (not (= 0 ~systemActive~0)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse4 .cse2 .cse5) (or .cse4 .cse2 .cse3) (or .cse0 .cse1 (not (= ~methaneLevelCritical~0 ~systemActive~0)) .cse5) (or .cse6 .cse5 .cse7 .cse8) (or .cse0 .cse2 .cse3 .cse9 .cse10) (or .cse0 .cse2 .cse5 .cse9 .cse10) (or .cse6 .cse3 .cse7 .cse8)))) [2022-12-14 15:25:56,117 INFO L895 garLoopResultBuilder]: At program point L347-1(lines 328 352) the Hoare annotation is: (let ((.cse14 (= ~pumpRunning~0 0)) (.cse6 (or (<= (+ |old(~pumpRunning~0)| 1) 0) (<= 1 |old(~pumpRunning~0)|))) (.cse21 (not (= |old(~waterLevel~0)| 1))) (.cse19 (= ~methaneLevelCritical~0 0)) (.cse20 (= 1 ~systemActive~0))) (let ((.cse3 (and .cse21 .cse19 (<= 2 ~waterLevel~0) .cse20 (= ~pumpRunning~0 1))) (.cse4 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse5 (or .cse21 (<= ~waterLevel~0 1))) (.cse1 (and .cse14 (not (= |timeShift_processEnvironment_~tmp~2#1| 0)) .cse6)) (.cse9 (not (= ~methaneLevelCritical~0 ~systemActive~0))) (.cse10 (not (= ~methaneLevelCritical~0 1))) (.cse15 (not (= |old(~pumpRunning~0)| 0))) (.cse17 (= ~waterLevel~0 1)) (.cse13 (not (= 0 ~systemActive~0))) (.cse7 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse8 (= ~methAndRunningLastTime~0 0)) (.cse16 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse0 (not .cse20)) (.cse11 (not (<= |old(~pumpRunning~0)| 0))) (.cse2 (not .cse19)) (.cse12 (not (<= 0 |old(~pumpRunning~0)|))) (.cse18 (not (<= 2 |old(~waterLevel~0)|)))) (and (or .cse0 .cse1 .cse2 .cse3 (and .cse4 .cse5) (and .cse4 .cse6)) (or .cse7 .cse8 .cse0 .cse2 .cse3) (or .cse7 .cse8 .cse9 .cse10) (or .cse11 .cse10 .cse12 .cse13) (or (and .cse4 .cse14 .cse5) .cse0 .cse1 .cse10) (or .cse15 .cse7 .cse9 .cse10 .cse16 .cse17) (or .cse15 .cse7 .cse0 .cse10 .cse16 .cse18) (or .cse15 .cse7 .cse0 .cse2 .cse16 .cse17) (or .cse7 .cse8 .cse0 .cse2 (not (= |old(~pumpRunning~0)| 1))) (or .cse11 .cse2 .cse12 .cse13) (or .cse7 (and .cse8 .cse16) .cse0 .cse11 .cse2 .cse12 .cse18)))) [2022-12-14 15:25:56,117 INFO L899 garLoopResultBuilder]: For program point L281-1(lines 281 287) no Hoare annotation was computed. [2022-12-14 15:25:56,117 INFO L895 garLoopResultBuilder]: At program point $Ultimate##0(lines 270 293) the Hoare annotation is: (let ((.cse10 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse14 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse13 (= 0 ~systemActive~0)) (.cse15 (or .cse10 (= ~waterLevel~0 1)))) (let ((.cse0 (and .cse14 (<= ~pumpRunning~0 0) (<= 0 ~pumpRunning~0) .cse13 .cse15)) (.cse12 (and .cse14 .cse15)) (.cse7 (not (= ~methaneLevelCritical~0 ~systemActive~0))) (.cse1 (not (<= |old(~pumpRunning~0)| 0))) (.cse2 (not (= ~methaneLevelCritical~0 1))) (.cse3 (not (<= 0 |old(~pumpRunning~0)|))) (.cse4 (not .cse13)) (.cse11 (not (<= 2 |old(~waterLevel~0)|))) (.cse5 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse6 (= ~methAndRunningLastTime~0 0)) (.cse8 (not (= 1 ~systemActive~0))) (.cse9 (not (= ~methaneLevelCritical~0 0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse5 .cse6 .cse1 .cse7 .cse3 .cse4) (or .cse5 .cse6 .cse7 .cse2) (or .cse5 .cse8 .cse1 .cse9 .cse10 .cse3 .cse11) (or .cse8 .cse9 .cse12) (or .cse1 .cse9 .cse10 .cse3 .cse4 .cse11) (or .cse0 .cse1 .cse9 .cse3 .cse4) (or .cse8 .cse12 .cse2) (or .cse5 .cse7 .cse2 .cse10 .cse11) (or .cse5 .cse8 (<= 2 ~waterLevel~0) .cse9 (not (= |old(~pumpRunning~0)| 1)) .cse11) (or .cse1 .cse2 .cse10 .cse3 .cse4 .cse11) (or .cse5 .cse6 .cse8 .cse9))))) [2022-12-14 15:25:56,117 INFO L895 garLoopResultBuilder]: At program point L501(line 501) the Hoare annotation is: (let ((.cse4 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse22 (= 0 ~systemActive~0)) (.cse17 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse18 (= ~waterLevel~0 1)) (.cse15 (= ~pumpRunning~0 0)) (.cse6 (or (<= (+ |old(~pumpRunning~0)| 1) 0) (<= 1 |old(~pumpRunning~0)|))) (.cse23 (not (= |old(~waterLevel~0)| 1))) (.cse20 (= ~methaneLevelCritical~0 0)) (.cse21 (= 1 ~systemActive~0))) (let ((.cse3 (and .cse23 .cse20 (<= 2 ~waterLevel~0) .cse21 (= ~pumpRunning~0 1))) (.cse5 (or .cse23 (<= ~waterLevel~0 1))) (.cse1 (and .cse15 (not (= |timeShift_processEnvironment_~tmp~2#1| 0)) .cse6)) (.cse14 (not (= ~methaneLevelCritical~0 ~systemActive~0))) (.cse7 (and .cse4 (<= ~pumpRunning~0 0) (<= 0 ~pumpRunning~0) .cse22 (or .cse17 .cse18))) (.cse16 (not (= |old(~pumpRunning~0)| 0))) (.cse9 (not (= ~methaneLevelCritical~0 1))) (.cse11 (not .cse22)) (.cse12 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse13 (= ~methAndRunningLastTime~0 0)) (.cse0 (not .cse21)) (.cse8 (not (<= |old(~pumpRunning~0)| 0))) (.cse2 (not .cse20)) (.cse10 (not (<= 0 |old(~pumpRunning~0)|))) (.cse19 (not (<= 2 |old(~waterLevel~0)|)))) (and (or .cse0 .cse1 .cse2 .cse3 (and .cse4 .cse5) (and .cse4 .cse6)) (or .cse7 .cse8 .cse9 .cse10 .cse11) (or .cse12 .cse13 .cse0 .cse2 .cse3) (or .cse12 .cse13 .cse8 .cse14 .cse10 .cse11) (or .cse12 .cse13 .cse14 .cse9) (or (and .cse4 .cse15 .cse5) .cse0 .cse1 .cse9) (or .cse16 .cse12 .cse14 .cse9 .cse17 .cse18) (or .cse8 .cse2 .cse17 .cse10 .cse11 .cse19) (or .cse7 .cse8 .cse2 .cse10 .cse11) (or .cse16 .cse12 .cse0 .cse9 .cse17 .cse19) (or .cse16 .cse12 .cse0 .cse2 .cse17 .cse18) (or .cse12 .cse13 .cse0 .cse2 (not (= |old(~pumpRunning~0)| 1))) (or .cse8 .cse9 .cse17 .cse10 .cse11 .cse19) (or .cse12 (and .cse13 .cse17) .cse0 .cse8 .cse2 .cse10 .cse19)))) [2022-12-14 15:25:56,117 INFO L899 garLoopResultBuilder]: For program point L501-1(line 501) no Hoare annotation was computed. [2022-12-14 15:25:56,117 INFO L899 garLoopResultBuilder]: For program point L274-1(lines 273 292) no Hoare annotation was computed. [2022-12-14 15:25:56,117 INFO L899 garLoopResultBuilder]: For program point L336(lines 336 344) no Hoare annotation was computed. [2022-12-14 15:25:56,117 INFO L899 garLoopResultBuilder]: For program point L332(lines 332 349) no Hoare annotation was computed. [2022-12-14 15:25:56,117 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 270 293) no Hoare annotation was computed. [2022-12-14 15:25:56,117 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 895) no Hoare annotation was computed. [2022-12-14 15:25:56,117 INFO L902 garLoopResultBuilder]: At program point $Ultimate##0(lines 95 103) the Hoare annotation is: true [2022-12-14 15:25:56,117 INFO L899 garLoopResultBuilder]: For program point isMethaneLevelCriticalEXIT(lines 95 103) no Hoare annotation was computed. [2022-12-14 15:25:56,118 INFO L895 garLoopResultBuilder]: At program point L225(line 225) the Hoare annotation is: (let ((.cse2 (= ~methaneLevelCritical~0 0)) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (= ~methAndRunningLastTime~0 0)) (.cse4 (= 0 ~systemActive~0)) (.cse5 (= 1 ~systemActive~0)) (.cse6 (= ~methaneLevelCritical~0 1)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4) (and .cse1 .cse2 .cse5 .cse3) (and .cse0 .cse1 .cse6 .cse3 .cse4) (and .cse5 .cse6 .cse3))) [2022-12-14 15:25:56,118 INFO L895 garLoopResultBuilder]: At program point L250(lines 203 252) the Hoare annotation is: (let ((.cse2 (= ~methaneLevelCritical~0 0)) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (= ~methAndRunningLastTime~0 0)) (.cse4 (= 0 ~systemActive~0)) (.cse5 (= 1 ~systemActive~0)) (.cse6 (= ~methaneLevelCritical~0 1)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4) (and .cse1 .cse2 .cse5 .cse3) (and .cse0 .cse1 .cse6 .cse3 .cse4) (and .cse5 .cse6 .cse3))) [2022-12-14 15:25:56,118 INFO L899 garLoopResultBuilder]: For program point L213(lines 213 219) no Hoare annotation was computed. [2022-12-14 15:25:56,118 INFO L899 garLoopResultBuilder]: For program point L213-1(lines 213 219) no Hoare annotation was computed. [2022-12-14 15:25:56,118 INFO L899 garLoopResultBuilder]: For program point L465(lines 465 471) no Hoare annotation was computed. [2022-12-14 15:25:56,118 INFO L895 garLoopResultBuilder]: At program point L465-1(lines 465 471) the Hoare annotation is: (let ((.cse0 (let ((.cse1 (<= ~pumpRunning~0 0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (<= 0 ~pumpRunning~0))) (or (and .cse1 (= ~methAndRunningLastTime~0 0) .cse2 .cse3) (and .cse1 .cse2 .cse3 (not (= 0 ~systemActive~0))))))) (or (and (= ~methaneLevelCritical~0 0) .cse0) (and .cse0 (= ~methaneLevelCritical~0 1)))) [2022-12-14 15:25:56,118 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-12-14 15:25:56,118 INFO L902 garLoopResultBuilder]: At program point L256(lines 193 260) the Hoare annotation is: true [2022-12-14 15:25:56,118 INFO L899 garLoopResultBuilder]: For program point L223(lines 223 229) no Hoare annotation was computed. [2022-12-14 15:25:56,118 INFO L899 garLoopResultBuilder]: For program point L223-1(lines 223 229) no Hoare annotation was computed. [2022-12-14 15:25:56,118 INFO L895 garLoopResultBuilder]: At program point L983(lines 983 990) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~methAndRunningLastTime~0 0) (= ~methaneLevelCritical~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-12-14 15:25:56,118 INFO L895 garLoopResultBuilder]: At program point L215(line 215) the Hoare annotation is: (let ((.cse2 (= ~methaneLevelCritical~0 0)) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (= ~methAndRunningLastTime~0 0)) (.cse4 (= 0 ~systemActive~0)) (.cse5 (= 1 ~systemActive~0)) (.cse6 (= ~methaneLevelCritical~0 1)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4) (and .cse1 .cse2 .cse5 .cse3) (and .cse0 .cse1 .cse6 .cse3 .cse4) (and .cse5 .cse6 .cse3))) [2022-12-14 15:25:56,118 INFO L902 garLoopResultBuilder]: At program point L983-2(lines 983 990) the Hoare annotation is: true [2022-12-14 15:25:56,118 INFO L895 garLoopResultBuilder]: At program point L467(line 467) the Hoare annotation is: (let ((.cse3 (not (= ~pumpRunning~0 0)))) (let ((.cse0 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse1 (or .cse3 (not (= |old(~waterLevel~0)| 1)) (<= ~waterLevel~0 1))) (.cse2 (not (= 0 ~systemActive~0)))) (or (and (= ~methaneLevelCritical~0 0) .cse0 .cse1 .cse2) (and (or .cse3 (not (= |isMethaneAlarm_#t~ret17| 0))) (= ~methaneLevelCritical~0 1) .cse0 (or .cse3 (not (= |isMethaneAlarm_#res| 0))) .cse1 (or .cse3 (not (= |isMethaneLevelCritical_#res| 0))) .cse2)))) [2022-12-14 15:25:56,118 INFO L902 garLoopResultBuilder]: At program point $Ultimate##0(line -1) the Hoare annotation is: true [2022-12-14 15:25:56,118 INFO L895 garLoopResultBuilder]: At program point L253(lines 202 254) the Hoare annotation is: false [2022-12-14 15:25:56,118 INFO L899 garLoopResultBuilder]: For program point L241(lines 241 247) no Hoare annotation was computed. [2022-12-14 15:25:56,119 INFO L895 garLoopResultBuilder]: At program point L241-2(lines 233 248) the Hoare annotation is: (let ((.cse6 (= 1 ~systemActive~0)) (.cse1 (= ~methaneLevelCritical~0 1)) (.cse0 (<= ~pumpRunning~0 0)) (.cse5 (= ~methaneLevelCritical~0 0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (<= 0 ~pumpRunning~0)) (.cse4 (= 0 ~systemActive~0))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4) (and .cse5 .cse6 .cse2) (and .cse6 .cse1 .cse2) (and .cse0 .cse5 .cse2 .cse3 .cse4))) [2022-12-14 15:25:56,119 INFO L899 garLoopResultBuilder]: For program point L204(lines 203 252) no Hoare annotation was computed. [2022-12-14 15:25:56,119 INFO L895 garLoopResultBuilder]: At program point L233(lines 233 248) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= ~methAndRunningLastTime~0 0)) (.cse4 (= 0 ~systemActive~0)) (.cse2 (= ~methaneLevelCritical~0 0)) (.cse6 (= 1 ~systemActive~0)) (.cse5 (= ~methaneLevelCritical~0 1)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4) (and .cse0 .cse1 .cse5 .cse3 .cse4) (and .cse2 .cse6 .cse3) (and .cse6 .cse5 .cse3))) [2022-12-14 15:25:56,119 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 71 82) no Hoare annotation was computed. [2022-12-14 15:25:56,119 INFO L895 garLoopResultBuilder]: At program point $Ultimate##0(lines 71 82) the Hoare annotation is: (let ((.cse1 (not (= ~methaneLevelCritical~0 1))) (.cse0 (not (<= 0 ~pumpRunning~0))) (.cse5 (not (<= ~pumpRunning~0 0))) (.cse6 (not (= 0 ~systemActive~0))) (.cse3 (= ~waterLevel~0 1)) (.cse7 (not (= 1 ~systemActive~0))) (.cse8 (not (= ~methaneLevelCritical~0 0))) (.cse2 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse4 (not (= ~methAndRunningLastTime~0 0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5 .cse6) (or .cse7 .cse1 .cse2 .cse3) (or (not (= ~methaneLevelCritical~0 ~systemActive~0)) .cse0 .cse2 .cse3 .cse4 .cse5 .cse6) (or .cse7 .cse8 .cse2 .cse3 .cse4) (or .cse7 .cse8 (not (= ~pumpRunning~0 1)) .cse2 .cse4 (not (<= 2 |old(~waterLevel~0)|))))) [2022-12-14 15:25:56,119 INFO L895 garLoopResultBuilder]: At program point L316(line 316) the Hoare annotation is: (let ((.cse3 (and (= ~pumpRunning~0 0) (or (<= 2 ~waterLevel~0) (= |processEnvironment__wrappee__methaneQuery_~tmp~1#1| 0)))) (.cse2 (not (= ~methaneLevelCritical~0 1))) (.cse0 (not (= 1 ~systemActive~0))) (.cse1 (and (not (<= 1 |old(~pumpRunning~0)|)) (not (<= (+ |old(~pumpRunning~0)| 1) 0)))) (.cse4 (not (= ~methaneLevelCritical~0 0)))) (and (or .cse0 .cse1 .cse2 (not (= ~methAndRunningLastTime~0 0))) (or .cse0 .cse3 .cse4) (or (not (= |old(~pumpRunning~0)| 0)) .cse3 (not (= ~methaneLevelCritical~0 ~systemActive~0)) .cse2) (or .cse0 .cse1 .cse4))) [2022-12-14 15:25:56,119 INFO L899 garLoopResultBuilder]: For program point L310(lines 310 318) no Hoare annotation was computed. [2022-12-14 15:25:56,119 INFO L895 garLoopResultBuilder]: At program point L306(lines 306 323) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not (= ~methaneLevelCritical~0 1)))) (and (or .cse0 .cse1 (not (= ~methaneLevelCritical~0 0))) (or .cse0 .cse1 .cse2 (not (= ~methAndRunningLastTime~0 0))) (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0) (not (= ~methaneLevelCritical~0 ~systemActive~0)) .cse2))) [2022-12-14 15:25:56,119 INFO L895 garLoopResultBuilder]: At program point L366(line 366) the Hoare annotation is: (let ((.cse1 (not (= ~methaneLevelCritical~0 1))) (.cse0 (and (= ~pumpRunning~0 0) (<= 2 ~waterLevel~0))) (.cse2 (not (= 1 ~systemActive~0))) (.cse3 (and (not (<= 1 |old(~pumpRunning~0)|)) (not (<= (+ |old(~pumpRunning~0)| 1) 0)))) (.cse4 (not (= ~methaneLevelCritical~0 0)))) (and (or (not (= |old(~pumpRunning~0)| 0)) (not (= ~methaneLevelCritical~0 ~systemActive~0)) .cse0 .cse1) (or .cse2 .cse3 .cse1 (not (= ~methAndRunningLastTime~0 0))) (or .cse2 .cse4 .cse0) (or .cse2 .cse3 .cse4))) [2022-12-14 15:25:56,119 INFO L895 garLoopResultBuilder]: At program point L366-1(line 366) the Hoare annotation is: (let ((.cse2 (not (= ~methaneLevelCritical~0 1))) (.cse3 (and (= |processEnvironment__wrappee__methaneQuery_activatePump_#t~ret16#1| ~methaneLevelCritical~0) (= ~pumpRunning~0 0) (<= 2 ~waterLevel~0))) (.cse0 (not (= 1 ~systemActive~0))) (.cse1 (and (not (<= 1 |old(~pumpRunning~0)|)) (not (<= (+ |old(~pumpRunning~0)| 1) 0)))) (.cse4 (not (= ~methaneLevelCritical~0 0)))) (and (or .cse0 .cse1 .cse2 (not (= ~methAndRunningLastTime~0 0))) (or (not (= |old(~pumpRunning~0)| 0)) (not (= ~methaneLevelCritical~0 ~systemActive~0)) .cse2 .cse3) (or .cse0 .cse4 .cse3) (or .cse0 .cse1 .cse4))) [2022-12-14 15:25:56,119 INFO L895 garLoopResultBuilder]: At program point $Ultimate##0(lines 302 326) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not (= ~methaneLevelCritical~0 1)))) (and (or .cse0 .cse1 (not (= ~methaneLevelCritical~0 0))) (or .cse0 .cse1 .cse2 (not (= ~methAndRunningLastTime~0 0))) (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0) (not (= ~methaneLevelCritical~0 ~systemActive~0)) .cse2))) [2022-12-14 15:25:56,119 INFO L895 garLoopResultBuilder]: At program point L321(line 321) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not (= ~methaneLevelCritical~0 0))) (.cse3 (not (= ~methaneLevelCritical~0 1)))) (and (or .cse0 .cse1 .cse2) (or .cse0 .cse1 .cse3 (not (= ~methAndRunningLastTime~0 0))) (or .cse1 (not (<= |old(~pumpRunning~0)| 0)) .cse2 (not (<= 0 |old(~pumpRunning~0)|))) (or (not (= |old(~pumpRunning~0)| 0)) (not (= ~methaneLevelCritical~0 ~systemActive~0)) .cse3))) [2022-12-14 15:25:56,119 INFO L899 garLoopResultBuilder]: For program point L321-1(lines 302 326) no Hoare annotation was computed. [2022-12-14 15:25:56,120 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__methaneQueryEXIT(lines 302 326) no Hoare annotation was computed. [2022-12-14 15:25:56,120 INFO L899 garLoopResultBuilder]: For program point isMethaneAlarmEXIT(lines 386 396) no Hoare annotation was computed. [2022-12-14 15:25:56,120 INFO L902 garLoopResultBuilder]: At program point $Ultimate##0(lines 386 396) the Hoare annotation is: true [2022-12-14 15:25:56,120 INFO L902 garLoopResultBuilder]: At program point L391(line 391) the Hoare annotation is: true [2022-12-14 15:25:56,120 INFO L899 garLoopResultBuilder]: For program point L391-1(line 391) no Hoare annotation was computed. [2022-12-14 15:25:56,122 INFO L445 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-12-14 15:25:56,123 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2022-12-14 15:25:56,145 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 14.12 03:25:56 BoogieIcfgContainer [2022-12-14 15:25:56,145 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-12-14 15:25:56,145 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-12-14 15:25:56,145 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-12-14 15:25:56,145 INFO L275 PluginConnector]: Witness Printer initialized [2022-12-14 15:25:56,146 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 14.12 03:25:07" (3/4) ... [2022-12-14 15:25:56,148 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-12-14 15:25:56,152 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2022-12-14 15:25:56,152 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-12-14 15:25:56,152 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-12-14 15:25:56,152 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-12-14 15:25:56,152 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-12-14 15:25:56,152 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneLevelCritical [2022-12-14 15:25:56,152 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-12-14 15:25:56,152 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__methaneQuery [2022-12-14 15:25:56,152 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneAlarm [2022-12-14 15:25:56,157 INFO L961 BoogieBacktranslator]: Reduced CFG by removing 45 nodes and edges [2022-12-14 15:25:56,157 INFO L961 BoogieBacktranslator]: Reduced CFG by removing 12 nodes and edges [2022-12-14 15:25:56,157 INFO L961 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-12-14 15:25:56,157 INFO L961 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-12-14 15:25:56,158 INFO L961 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-12-14 15:25:56,175 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((((((((((pumpRunning == \old(pumpRunning) && pumpRunning <= 0) && 0 <= pumpRunning) && 0 == systemActive) && (\old(waterLevel) == waterLevel || waterLevel == 1)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 1)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive)) && (((((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == systemActive)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && (((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(methaneLevelCritical == systemActive)) || !(methaneLevelCritical == 1))) && ((((((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || \old(waterLevel) == waterLevel) || !(0 <= \old(pumpRunning))) || !(2 <= \old(waterLevel)))) && ((!(1 == systemActive) || !(methaneLevelCritical == 0)) || (pumpRunning == \old(pumpRunning) && (\old(waterLevel) == waterLevel || waterLevel == 1)))) && (((((!(\old(pumpRunning) <= 0) || !(methaneLevelCritical == 0)) || \old(waterLevel) == waterLevel) || !(0 <= \old(pumpRunning))) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) && ((((((((pumpRunning == \old(pumpRunning) && pumpRunning <= 0) && 0 <= pumpRunning) && 0 == systemActive) && (\old(waterLevel) == waterLevel || waterLevel == 1)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && ((!(1 == systemActive) || (pumpRunning == \old(pumpRunning) && (\old(waterLevel) == waterLevel || waterLevel == 1))) || !(methaneLevelCritical == 1))) && ((((!(\old(methAndRunningLastTime) == 0) || !(methaneLevelCritical == systemActive)) || !(methaneLevelCritical == 1)) || \old(waterLevel) == waterLevel) || !(2 <= \old(waterLevel)))) && (((((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || 2 <= waterLevel) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(2 <= \old(waterLevel)))) && (((((!(\old(pumpRunning) <= 0) || !(methaneLevelCritical == 1)) || \old(waterLevel) == waterLevel) || !(0 <= \old(pumpRunning))) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) && (((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) [2022-12-14 15:25:56,175 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((((((!(1 == systemActive) || ((pumpRunning == 0 && !(tmp == 0)) && (\old(pumpRunning) + 1 <= 0 || 1 <= \old(pumpRunning)))) || !(methaneLevelCritical == 0)) || ((((!(\old(waterLevel) == 1) && methaneLevelCritical == 0) && 2 <= waterLevel) && 1 == systemActive) && pumpRunning == 1)) || (pumpRunning == \old(pumpRunning) && (!(\old(waterLevel) == 1) || waterLevel <= 1))) || (pumpRunning == \old(pumpRunning) && (\old(pumpRunning) + 1 <= 0 || 1 <= \old(pumpRunning)))) && ((((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || ((((!(\old(waterLevel) == 1) && methaneLevelCritical == 0) && 2 <= waterLevel) && 1 == systemActive) && pumpRunning == 1))) && (((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(methaneLevelCritical == systemActive)) || !(methaneLevelCritical == 1))) && (((!(\old(pumpRunning) <= 0) || !(methaneLevelCritical == 1)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && (((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && (!(\old(waterLevel) == 1) || waterLevel <= 1)) || !(1 == systemActive)) || ((pumpRunning == 0 && !(tmp == 0)) && (\old(pumpRunning) + 1 <= 0 || 1 <= \old(pumpRunning)))) || !(methaneLevelCritical == 1))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(methaneLevelCritical == systemActive)) || !(methaneLevelCritical == 1)) || \old(waterLevel) == waterLevel) || waterLevel == 1)) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || \old(waterLevel) == waterLevel) || !(2 <= \old(waterLevel)))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || \old(waterLevel) == waterLevel) || waterLevel == 1)) && ((((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1))) && (((!(\old(pumpRunning) <= 0) || !(methaneLevelCritical == 0)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && ((((((!(\old(methAndRunningLastTime) == 0) || (methAndRunningLastTime == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || !(0 <= \old(pumpRunning))) || !(2 <= \old(waterLevel))) [2022-12-14 15:25:56,175 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((pumpRunning == \old(pumpRunning) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) && (((pumpRunning == \old(pumpRunning) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(methAndRunningLastTime == 0))) && (((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(methaneLevelCritical == systemActive)) || !(methaneLevelCritical == 1)) [2022-12-14 15:25:56,176 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((((((((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || \old(waterLevel) == waterLevel) || waterLevel == 1) && (((((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(methaneLevelCritical == systemActive)) || !(methaneLevelCritical == 1)) || ((((pumpRunning == \old(pumpRunning) && pumpRunning <= 0) && 1 == systemActive) && methaneLevelCritical == 1) && 0 <= pumpRunning)) || !(2 <= \old(waterLevel)))) && (((((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == systemActive)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && (((((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(1 == systemActive)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || !(0 <= \old(pumpRunning)))) && ((((!(\old(pumpRunning) <= 0) || ((((pumpRunning == \old(pumpRunning) && pumpRunning <= 0) && 0 <= pumpRunning) && (\old(waterLevel) == waterLevel || waterLevel == 1)) && tmp == methaneLevelCritical)) || !(methaneLevelCritical == 1)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || \old(waterLevel) == waterLevel) || !(2 <= \old(waterLevel)))) && (((((!(\old(pumpRunning) <= 0) || !(methaneLevelCritical == 0)) || \old(waterLevel) == waterLevel) || !(0 <= \old(pumpRunning))) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || \old(waterLevel) == waterLevel) || !(2 <= \old(waterLevel)))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || \old(waterLevel) == waterLevel) || waterLevel == 1)) && ((((!(\old(pumpRunning) <= 0) || !(methaneLevelCritical == 0)) || ((((pumpRunning == \old(pumpRunning) && pumpRunning <= 0) && 0 <= pumpRunning) && (\old(waterLevel) == waterLevel || waterLevel == 1)) && tmp == methaneLevelCritical)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && ((((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1))) && (((((!(\old(pumpRunning) <= 0) || !(methaneLevelCritical == 1)) || \old(waterLevel) == waterLevel) || !(0 <= \old(pumpRunning))) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) && ((((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || (((!(\old(waterLevel) == 1) && 2 <= waterLevel) && tmp == methaneLevelCritical) && pumpRunning == 1))) && ((((((((((pumpRunning == \old(pumpRunning) && pumpRunning <= 0) && 1 == systemActive) && 0 <= pumpRunning) && tmp == methaneLevelCritical) && (!(\old(waterLevel) == 1) || waterLevel <= 1)) || !(1 == systemActive)) || ((pumpRunning == \old(pumpRunning) && (\old(pumpRunning) + 1 <= 0 || 1 <= \old(pumpRunning))) && tmp == methaneLevelCritical)) || !(methaneLevelCritical == 0)) || (((!(\old(waterLevel) == 1) && 2 <= waterLevel) && tmp == methaneLevelCritical) && pumpRunning == 1)) || (((pumpRunning == 0 && !(tmp == 0)) && (\old(pumpRunning) + 1 <= 0 || 1 <= \old(pumpRunning))) && tmp == methaneLevelCritical))) && (((((((((pumpRunning == \old(pumpRunning) && pumpRunning <= 0) && 1 == systemActive) && methaneLevelCritical == 1) && 0 <= pumpRunning) && tmp == methaneLevelCritical) && (!(\old(waterLevel) == 1) || waterLevel <= 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || (((pumpRunning == 0 && !(tmp == 0)) && (\old(pumpRunning) + 1 <= 0 || 1 <= \old(pumpRunning))) && tmp == methaneLevelCritical)) [2022-12-14 15:25:56,176 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((((((((((pumpRunning == \old(pumpRunning) && methAndRunningLastTime == 0) && 1 == systemActive) && tmp == methaneLevelCritical) && (!(\old(waterLevel) == 1) || waterLevel <= 1)) || !(1 == systemActive)) || ((((methAndRunningLastTime == 0 && !(\old(waterLevel) == 1)) && 2 <= waterLevel) && tmp == methaneLevelCritical) && pumpRunning == 1)) || !(methaneLevelCritical == 0)) || (((pumpRunning == \old(pumpRunning) && methAndRunningLastTime == 0) && (\old(pumpRunning) + 1 <= 0 || 1 <= \old(pumpRunning))) && tmp == methaneLevelCritical)) || ((((((pumpRunning <= 0 && !(tmp == 0)) && methAndRunningLastTime == 0) && 1 == systemActive) && (\old(pumpRunning) + 1 <= 0 || 1 <= \old(pumpRunning))) && 0 <= pumpRunning) && tmp == methaneLevelCritical)) && ((((!(\old(pumpRunning) <= 0) || ((((((pumpRunning == \old(pumpRunning) && pumpRunning <= 0) && tmp___0 == 0) && methAndRunningLastTime == 0) && 0 <= pumpRunning) && (\old(waterLevel) == waterLevel || waterLevel == 1)) && tmp == methaneLevelCritical)) || !(methaneLevelCritical == 1)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || \old(waterLevel) == waterLevel) || !(2 <= \old(waterLevel)))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(methaneLevelCritical == systemActive)) || !(methaneLevelCritical == 1)) || \old(waterLevel) == waterLevel) || waterLevel == 1)) && (((((!(\old(pumpRunning) <= 0) || !(methaneLevelCritical == 0)) || \old(waterLevel) == waterLevel) || !(0 <= \old(pumpRunning))) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || \old(waterLevel) == waterLevel) || !(2 <= \old(waterLevel)))) && (((!(1 == systemActive) || ((((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && tmp___0 == 0) && methAndRunningLastTime == 0) && 1 == systemActive) && tmp == methaneLevelCritical) && (!(\old(waterLevel) == 1) || waterLevel <= 1))) || !(methaneLevelCritical == 1)) || (((((((pumpRunning <= 0 && !(tmp == 0)) && tmp___0 == 0) && methAndRunningLastTime == 0) && 1 == systemActive) && (\old(pumpRunning) + 1 <= 0 || 1 <= \old(pumpRunning))) && 0 <= pumpRunning) && tmp == methaneLevelCritical))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || \old(waterLevel) == waterLevel) || waterLevel == 1)) && (((((((((pumpRunning == \old(pumpRunning) && pumpRunning <= 0) && methAndRunningLastTime == 0) && 0 <= pumpRunning) && (\old(waterLevel) == waterLevel || waterLevel == 1)) && tmp == methaneLevelCritical) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && (((((!(\old(pumpRunning) <= 0) || !(methaneLevelCritical == 1)) || \old(waterLevel) == waterLevel) || !(0 <= \old(pumpRunning))) || !(0 == systemActive)) || !(2 <= \old(waterLevel))) [2022-12-14 15:25:56,176 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 == systemActive) || (!(1 <= \old(pumpRunning)) && !(\old(pumpRunning) + 1 <= 0))) || !(methaneLevelCritical == 1)) || !(methAndRunningLastTime == 0)) && (((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == systemActive)) || !(methaneLevelCritical == 1)) || ((aux-isMethaneAlarm()-aux == methaneLevelCritical && pumpRunning == 0) && 2 <= waterLevel))) && ((!(1 == systemActive) || !(methaneLevelCritical == 0)) || ((aux-isMethaneAlarm()-aux == methaneLevelCritical && pumpRunning == 0) && 2 <= waterLevel))) && ((!(1 == systemActive) || (!(1 <= \old(pumpRunning)) && !(\old(pumpRunning) + 1 <= 0))) || !(methaneLevelCritical == 0)) [2022-12-14 15:25:56,176 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(\old(pumpRunning) <= 0) || !(methaneLevelCritical == 1)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive)) && (((!(\old(pumpRunning) <= 0) || !(methaneLevelCritical == 0)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && (!(1 == systemActive) || !(methaneLevelCritical == 0))) && (!(1 == systemActive) || !(methaneLevelCritical == 1)) [2022-12-14 15:25:56,191 INFO L141 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7bc8b218-51f3-49bb-8305-e967773720e4/bin/utaipan-gh47qXpMRh/witness.graphml [2022-12-14 15:25:56,191 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-12-14 15:25:56,191 INFO L158 Benchmark]: Toolchain (without parser) took 49543.78ms. Allocated memory was 115.3MB in the beginning and 509.6MB in the end (delta: 394.3MB). Free memory was 81.0MB in the beginning and 205.1MB in the end (delta: -124.0MB). Peak memory consumption was 272.9MB. Max. memory is 16.1GB. [2022-12-14 15:25:56,191 INFO L158 Benchmark]: CDTParser took 0.13ms. Allocated memory is still 115.3MB. Free memory is still 58.9MB. There was no memory consumed. Max. memory is 16.1GB. [2022-12-14 15:25:56,191 INFO L158 Benchmark]: CACSL2BoogieTranslator took 314.42ms. Allocated memory is still 115.3MB. Free memory was 81.0MB in the beginning and 61.9MB in the end (delta: 19.1MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. [2022-12-14 15:25:56,192 INFO L158 Benchmark]: Boogie Procedure Inliner took 36.63ms. Allocated memory is still 115.3MB. Free memory was 61.9MB in the beginning and 59.8MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-12-14 15:25:56,192 INFO L158 Benchmark]: Boogie Preprocessor took 19.90ms. Allocated memory is still 115.3MB. Free memory was 59.8MB in the beginning and 58.2MB in the end (delta: 1.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-12-14 15:25:56,192 INFO L158 Benchmark]: RCFGBuilder took 420.97ms. Allocated memory was 115.3MB in the beginning and 138.4MB in the end (delta: 23.1MB). Free memory was 58.2MB in the beginning and 104.3MB in the end (delta: -46.1MB). Peak memory consumption was 26.8MB. Max. memory is 16.1GB. [2022-12-14 15:25:56,192 INFO L158 Benchmark]: TraceAbstraction took 48701.49ms. Allocated memory was 138.4MB in the beginning and 509.6MB in the end (delta: 371.2MB). Free memory was 103.1MB in the beginning and 211.4MB in the end (delta: -108.2MB). Peak memory consumption was 330.0MB. Max. memory is 16.1GB. [2022-12-14 15:25:56,192 INFO L158 Benchmark]: Witness Printer took 45.49ms. Allocated memory is still 509.6MB. Free memory was 211.4MB in the beginning and 205.1MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2022-12-14 15:25:56,193 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.13ms. Allocated memory is still 115.3MB. Free memory is still 58.9MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 314.42ms. Allocated memory is still 115.3MB. Free memory was 81.0MB in the beginning and 61.9MB in the end (delta: 19.1MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 36.63ms. Allocated memory is still 115.3MB. Free memory was 61.9MB in the beginning and 59.8MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 19.90ms. Allocated memory is still 115.3MB. Free memory was 59.8MB in the beginning and 58.2MB in the end (delta: 1.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 420.97ms. Allocated memory was 115.3MB in the beginning and 138.4MB in the end (delta: 23.1MB). Free memory was 58.2MB in the beginning and 104.3MB in the end (delta: -46.1MB). Peak memory consumption was 26.8MB. Max. memory is 16.1GB. * TraceAbstraction took 48701.49ms. Allocated memory was 138.4MB in the beginning and 509.6MB in the end (delta: 371.2MB). Free memory was 103.1MB in the beginning and 211.4MB in the end (delta: -108.2MB). Peak memory consumption was 330.0MB. Max. memory is 16.1GB. * Witness Printer took 45.49ms. Allocated memory is still 509.6MB. Free memory was 211.4MB in the beginning and 205.1MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 895]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 10 procedures, 72 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 48.6s, OverallIterations: 10, TraceHistogramMax: 6, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 12.8s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 13.8s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 4606 SdHoareTripleChecker+Valid, 4.7s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 4590 mSDsluCounter, 5291 SdHoareTripleChecker+Invalid, 4.1s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 4355 mSDsCounter, 3085 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 11718 IncrementalHoareTripleChecker+Invalid, 14803 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 3085 mSolverCounterUnsat, 936 mSDtfsCounter, 11718 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 1025 GetRequests, 553 SyntacticMatches, 6 SemanticMatches, 466 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 38205 ImplicationChecksByTransitivity, 20.4s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=1511occurred in iteration=9, InterpolantAutomatonStates: 354, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.4s AutomataMinimizationTime, 10 MinimizatonAttempts, 1090 StatesRemovedByMinimization, 6 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 40 LocationsWithAnnotation, 2633 PreInvPairs, 3130 NumberOfFragments, 3519 HoareAnnotationTreeSize, 2633 FomulaSimplifications, 41541 FormulaSimplificationTreeSizeReduction, 3.1s HoareSimplificationTime, 40 FomulaSimplificationsInter, 131520 FormulaSimplificationTreeSizeReductionInter, 10.5s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 2.6s InterpolantComputationTime, 757 NumberOfCodeBlocks, 757 NumberOfCodeBlocksAsserted, 13 NumberOfCheckSat, 892 ConstructedInterpolants, 0 QuantifiedInterpolants, 2340 SizeOfPredicates, 26 NumberOfNonLiveVariables, 1108 ConjunctsInSsa, 105 ConjunctsInUnsatCore, 15 InterpolantComputations, 8 PerfectInterpolantSequences, 439/496 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 983]: Loop Invariant Derived loop invariant: (((pumpRunning == 0 && methAndRunningLastTime == 0) && methaneLevelCritical == 0) && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 202]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 895]: Loop Invariant Derived loop invariant: (((((!(\old(pumpRunning) <= 0) || !(methaneLevelCritical == 1)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive)) && (((!(\old(pumpRunning) <= 0) || !(methaneLevelCritical == 0)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && (!(1 == systemActive) || !(methaneLevelCritical == 0))) && (!(1 == systemActive) || !(methaneLevelCritical == 1)) - InvariantResult [Line: 193]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 983]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 911]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 495]: Loop Invariant Derived loop invariant: (((((((((((((((((pumpRunning == \old(pumpRunning) && methAndRunningLastTime == 0) && 1 == systemActive) && tmp == methaneLevelCritical) && (!(\old(waterLevel) == 1) || waterLevel <= 1)) || !(1 == systemActive)) || ((((methAndRunningLastTime == 0 && !(\old(waterLevel) == 1)) && 2 <= waterLevel) && tmp == methaneLevelCritical) && pumpRunning == 1)) || !(methaneLevelCritical == 0)) || (((pumpRunning == \old(pumpRunning) && methAndRunningLastTime == 0) && (\old(pumpRunning) + 1 <= 0 || 1 <= \old(pumpRunning))) && tmp == methaneLevelCritical)) || ((((((pumpRunning <= 0 && !(tmp == 0)) && methAndRunningLastTime == 0) && 1 == systemActive) && (\old(pumpRunning) + 1 <= 0 || 1 <= \old(pumpRunning))) && 0 <= pumpRunning) && tmp == methaneLevelCritical)) && ((((!(\old(pumpRunning) <= 0) || ((((((pumpRunning == \old(pumpRunning) && pumpRunning <= 0) && tmp___0 == 0) && methAndRunningLastTime == 0) && 0 <= pumpRunning) && (\old(waterLevel) == waterLevel || waterLevel == 1)) && tmp == methaneLevelCritical)) || !(methaneLevelCritical == 1)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || \old(waterLevel) == waterLevel) || !(2 <= \old(waterLevel)))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(methaneLevelCritical == systemActive)) || !(methaneLevelCritical == 1)) || \old(waterLevel) == waterLevel) || waterLevel == 1)) && (((((!(\old(pumpRunning) <= 0) || !(methaneLevelCritical == 0)) || \old(waterLevel) == waterLevel) || !(0 <= \old(pumpRunning))) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || \old(waterLevel) == waterLevel) || !(2 <= \old(waterLevel)))) && (((!(1 == systemActive) || ((((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && tmp___0 == 0) && methAndRunningLastTime == 0) && 1 == systemActive) && tmp == methaneLevelCritical) && (!(\old(waterLevel) == 1) || waterLevel <= 1))) || !(methaneLevelCritical == 1)) || (((((((pumpRunning <= 0 && !(tmp == 0)) && tmp___0 == 0) && methAndRunningLastTime == 0) && 1 == systemActive) && (\old(pumpRunning) + 1 <= 0 || 1 <= \old(pumpRunning))) && 0 <= pumpRunning) && tmp == methaneLevelCritical))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || \old(waterLevel) == waterLevel) || waterLevel == 1)) && (((((((((pumpRunning == \old(pumpRunning) && pumpRunning <= 0) && methAndRunningLastTime == 0) && 0 <= pumpRunning) && (\old(waterLevel) == waterLevel || waterLevel == 1)) && tmp == methaneLevelCritical) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && (((((!(\old(pumpRunning) <= 0) || !(methaneLevelCritical == 1)) || \old(waterLevel) == waterLevel) || !(0 <= \old(pumpRunning))) || !(0 == systemActive)) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 503]: Loop Invariant Derived loop invariant: ((((((((((((((((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || \old(waterLevel) == waterLevel) || waterLevel == 1) && (((((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(methaneLevelCritical == systemActive)) || !(methaneLevelCritical == 1)) || ((((pumpRunning == \old(pumpRunning) && pumpRunning <= 0) && 1 == systemActive) && methaneLevelCritical == 1) && 0 <= pumpRunning)) || !(2 <= \old(waterLevel)))) && (((((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == systemActive)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && (((((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(1 == systemActive)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || !(0 <= \old(pumpRunning)))) && ((((!(\old(pumpRunning) <= 0) || ((((pumpRunning == \old(pumpRunning) && pumpRunning <= 0) && 0 <= pumpRunning) && (\old(waterLevel) == waterLevel || waterLevel == 1)) && tmp == methaneLevelCritical)) || !(methaneLevelCritical == 1)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || \old(waterLevel) == waterLevel) || !(2 <= \old(waterLevel)))) && (((((!(\old(pumpRunning) <= 0) || !(methaneLevelCritical == 0)) || \old(waterLevel) == waterLevel) || !(0 <= \old(pumpRunning))) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || \old(waterLevel) == waterLevel) || !(2 <= \old(waterLevel)))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || \old(waterLevel) == waterLevel) || waterLevel == 1)) && ((((!(\old(pumpRunning) <= 0) || !(methaneLevelCritical == 0)) || ((((pumpRunning == \old(pumpRunning) && pumpRunning <= 0) && 0 <= pumpRunning) && (\old(waterLevel) == waterLevel || waterLevel == 1)) && tmp == methaneLevelCritical)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && ((((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1))) && (((((!(\old(pumpRunning) <= 0) || !(methaneLevelCritical == 1)) || \old(waterLevel) == waterLevel) || !(0 <= \old(pumpRunning))) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) && ((((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || (((!(\old(waterLevel) == 1) && 2 <= waterLevel) && tmp == methaneLevelCritical) && pumpRunning == 1))) && ((((((((((pumpRunning == \old(pumpRunning) && pumpRunning <= 0) && 1 == systemActive) && 0 <= pumpRunning) && tmp == methaneLevelCritical) && (!(\old(waterLevel) == 1) || waterLevel <= 1)) || !(1 == systemActive)) || ((pumpRunning == \old(pumpRunning) && (\old(pumpRunning) + 1 <= 0 || 1 <= \old(pumpRunning))) && tmp == methaneLevelCritical)) || !(methaneLevelCritical == 0)) || (((!(\old(waterLevel) == 1) && 2 <= waterLevel) && tmp == methaneLevelCritical) && pumpRunning == 1)) || (((pumpRunning == 0 && !(tmp == 0)) && (\old(pumpRunning) + 1 <= 0 || 1 <= \old(pumpRunning))) && tmp == methaneLevelCritical))) && (((((((((pumpRunning == \old(pumpRunning) && pumpRunning <= 0) && 1 == systemActive) && methaneLevelCritical == 1) && 0 <= pumpRunning) && tmp == methaneLevelCritical) && (!(\old(waterLevel) == 1) || waterLevel <= 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || (((pumpRunning == 0 && !(tmp == 0)) && (\old(pumpRunning) + 1 <= 0 || 1 <= \old(pumpRunning))) && tmp == methaneLevelCritical)) - InvariantResult [Line: 366]: Loop Invariant Derived loop invariant: (((((!(1 == systemActive) || (!(1 <= \old(pumpRunning)) && !(\old(pumpRunning) + 1 <= 0))) || !(methaneLevelCritical == 1)) || !(methAndRunningLastTime == 0)) && (((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == systemActive)) || !(methaneLevelCritical == 1)) || ((aux-isMethaneAlarm()-aux == methaneLevelCritical && pumpRunning == 0) && 2 <= waterLevel))) && ((!(1 == systemActive) || !(methaneLevelCritical == 0)) || ((aux-isMethaneAlarm()-aux == methaneLevelCritical && pumpRunning == 0) && 2 <= waterLevel))) && ((!(1 == systemActive) || (!(1 <= \old(pumpRunning)) && !(\old(pumpRunning) + 1 <= 0))) || !(methaneLevelCritical == 0)) - InvariantResult [Line: 203]: Loop Invariant Derived loop invariant: ((((((pumpRunning == 0 && methAndRunningLastTime == 0) && methaneLevelCritical == 0) && splverifierCounter == 0) && 0 == systemActive) || (((methAndRunningLastTime == 0 && methaneLevelCritical == 0) && 1 == systemActive) && splverifierCounter == 0)) || ((((pumpRunning == 0 && methAndRunningLastTime == 0) && methaneLevelCritical == 1) && splverifierCounter == 0) && 0 == systemActive)) || ((1 == systemActive && methaneLevelCritical == 1) && splverifierCounter == 0) - InvariantResult [Line: 465]: Loop Invariant Derived loop invariant: (methaneLevelCritical == 0 && ((((pumpRunning <= 0 && methAndRunningLastTime == 0) && splverifierCounter == 0) && 0 <= pumpRunning) || (((pumpRunning <= 0 && splverifierCounter == 0) && 0 <= pumpRunning) && !(0 == systemActive)))) || (((((pumpRunning <= 0 && methAndRunningLastTime == 0) && splverifierCounter == 0) && 0 <= pumpRunning) || (((pumpRunning <= 0 && splverifierCounter == 0) && 0 <= pumpRunning) && !(0 == systemActive))) && methaneLevelCritical == 1) - InvariantResult [Line: 328]: Loop Invariant Derived loop invariant: ((((((((((((((!(1 == systemActive) || ((pumpRunning == 0 && !(tmp == 0)) && (\old(pumpRunning) + 1 <= 0 || 1 <= \old(pumpRunning)))) || !(methaneLevelCritical == 0)) || ((((!(\old(waterLevel) == 1) && methaneLevelCritical == 0) && 2 <= waterLevel) && 1 == systemActive) && pumpRunning == 1)) || (pumpRunning == \old(pumpRunning) && (!(\old(waterLevel) == 1) || waterLevel <= 1))) || (pumpRunning == \old(pumpRunning) && (\old(pumpRunning) + 1 <= 0 || 1 <= \old(pumpRunning)))) && ((((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || ((((!(\old(waterLevel) == 1) && methaneLevelCritical == 0) && 2 <= waterLevel) && 1 == systemActive) && pumpRunning == 1))) && (((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(methaneLevelCritical == systemActive)) || !(methaneLevelCritical == 1))) && (((!(\old(pumpRunning) <= 0) || !(methaneLevelCritical == 1)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && (((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && (!(\old(waterLevel) == 1) || waterLevel <= 1)) || !(1 == systemActive)) || ((pumpRunning == 0 && !(tmp == 0)) && (\old(pumpRunning) + 1 <= 0 || 1 <= \old(pumpRunning)))) || !(methaneLevelCritical == 1))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(methaneLevelCritical == systemActive)) || !(methaneLevelCritical == 1)) || \old(waterLevel) == waterLevel) || waterLevel == 1)) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || \old(waterLevel) == waterLevel) || !(2 <= \old(waterLevel)))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || \old(waterLevel) == waterLevel) || waterLevel == 1)) && ((((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1))) && (((!(\old(pumpRunning) <= 0) || !(methaneLevelCritical == 0)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && ((((((!(\old(methAndRunningLastTime) == 0) || (methAndRunningLastTime == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || !(0 <= \old(pumpRunning))) || !(2 <= \old(waterLevel))) - InvariantResult [Line: -1]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 233]: Loop Invariant Derived loop invariant: ((((((pumpRunning == 0 && methAndRunningLastTime == 0) && methaneLevelCritical == 0) && splverifierCounter == 0) && 0 == systemActive) || ((((pumpRunning == 0 && methAndRunningLastTime == 0) && methaneLevelCritical == 1) && splverifierCounter == 0) && 0 == systemActive)) || ((methaneLevelCritical == 0 && 1 == systemActive) && splverifierCounter == 0)) || ((1 == systemActive && methaneLevelCritical == 1) && splverifierCounter == 0) - InvariantResult [Line: 306]: Loop Invariant Derived loop invariant: (((pumpRunning == \old(pumpRunning) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) && (((pumpRunning == \old(pumpRunning) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(methAndRunningLastTime == 0))) && (((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(methaneLevelCritical == systemActive)) || !(methaneLevelCritical == 1)) - InvariantResult [Line: 270]: Loop Invariant Derived loop invariant: ((((((((((((((((((pumpRunning == \old(pumpRunning) && pumpRunning <= 0) && 0 <= pumpRunning) && 0 == systemActive) && (\old(waterLevel) == waterLevel || waterLevel == 1)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 1)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive)) && (((((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == systemActive)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && (((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(methaneLevelCritical == systemActive)) || !(methaneLevelCritical == 1))) && ((((((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || \old(waterLevel) == waterLevel) || !(0 <= \old(pumpRunning))) || !(2 <= \old(waterLevel)))) && ((!(1 == systemActive) || !(methaneLevelCritical == 0)) || (pumpRunning == \old(pumpRunning) && (\old(waterLevel) == waterLevel || waterLevel == 1)))) && (((((!(\old(pumpRunning) <= 0) || !(methaneLevelCritical == 0)) || \old(waterLevel) == waterLevel) || !(0 <= \old(pumpRunning))) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) && ((((((((pumpRunning == \old(pumpRunning) && pumpRunning <= 0) && 0 <= pumpRunning) && 0 == systemActive) && (\old(waterLevel) == waterLevel || waterLevel == 1)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && ((!(1 == systemActive) || (pumpRunning == \old(pumpRunning) && (\old(waterLevel) == waterLevel || waterLevel == 1))) || !(methaneLevelCritical == 1))) && ((((!(\old(methAndRunningLastTime) == 0) || !(methaneLevelCritical == systemActive)) || !(methaneLevelCritical == 1)) || \old(waterLevel) == waterLevel) || !(2 <= \old(waterLevel)))) && (((((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || 2 <= waterLevel) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(2 <= \old(waterLevel)))) && (((((!(\old(pumpRunning) <= 0) || !(methaneLevelCritical == 1)) || \old(waterLevel) == waterLevel) || !(0 <= \old(pumpRunning))) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) && (((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) - InvariantResult [Line: 901]: Loop Invariant Derived loop invariant: 1 RESULT: Ultimate proved your program to be correct! [2022-12-14 15:25:56,214 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7bc8b218-51f3-49bb-8305-e967773720e4/bin/utaipan-gh47qXpMRh/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE