./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec5_product64.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 2329fc70 Calling Ultimate with: /usr/lib/jvm/java-11-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9a11a149-0f16-43e8-a2b0-e2745489b5ee/bin/utaipan-gh47qXpMRh/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9a11a149-0f16-43e8-a2b0-e2745489b5ee/bin/utaipan-gh47qXpMRh/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9a11a149-0f16-43e8-a2b0-e2745489b5ee/bin/utaipan-gh47qXpMRh/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9a11a149-0f16-43e8-a2b0-e2745489b5ee/bin/utaipan-gh47qXpMRh/config/TaipanReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec5_product64.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9a11a149-0f16-43e8-a2b0-e2745489b5ee/bin/utaipan-gh47qXpMRh/config/svcomp-Reach-32bit-Taipan_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9a11a149-0f16-43e8-a2b0-e2745489b5ee/bin/utaipan-gh47qXpMRh --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Taipan --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 323b2112d56f35ec9fc5a7837411d8e54d2d46e3d8981d77e080eaf0dd99497b --- Real Ultimate output --- [0.001s][warning][os,container] Duplicate cpuset controllers detected. Picking /sys/fs/cgroup/cpuset, skipping /sys/fs/cgroup/cpuset. This is Ultimate 0.2.2-dev-2329fc7 [2022-12-14 14:23:51,451 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-12-14 14:23:51,452 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-12-14 14:23:51,465 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-12-14 14:23:51,466 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-12-14 14:23:51,466 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-12-14 14:23:51,467 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-12-14 14:23:51,468 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-12-14 14:23:51,469 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-12-14 14:23:51,470 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-12-14 14:23:51,471 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-12-14 14:23:51,472 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-12-14 14:23:51,472 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-12-14 14:23:51,473 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-12-14 14:23:51,473 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-12-14 14:23:51,474 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-12-14 14:23:51,475 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-12-14 14:23:51,475 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-12-14 14:23:51,476 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-12-14 14:23:51,479 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-12-14 14:23:51,482 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-12-14 14:23:51,483 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-12-14 14:23:51,485 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-12-14 14:23:51,486 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-12-14 14:23:51,493 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-12-14 14:23:51,494 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-12-14 14:23:51,495 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-12-14 14:23:51,496 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-12-14 14:23:51,497 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-12-14 14:23:51,498 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-12-14 14:23:51,498 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-12-14 14:23:51,500 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-12-14 14:23:51,501 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-12-14 14:23:51,501 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-12-14 14:23:51,502 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-12-14 14:23:51,503 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-12-14 14:23:51,503 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-12-14 14:23:51,504 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-12-14 14:23:51,504 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-12-14 14:23:51,505 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-12-14 14:23:51,505 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-12-14 14:23:51,506 INFO L101 SettingsManager]: Beginning loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9a11a149-0f16-43e8-a2b0-e2745489b5ee/bin/utaipan-gh47qXpMRh/config/svcomp-Reach-32bit-Taipan_Default.epf [2022-12-14 14:23:51,531 INFO L113 SettingsManager]: Loading preferences was successful [2022-12-14 14:23:51,531 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-12-14 14:23:51,532 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-12-14 14:23:51,532 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-12-14 14:23:51,532 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-12-14 14:23:51,533 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-12-14 14:23:51,533 INFO L138 SettingsManager]: * User list type=DISABLED [2022-12-14 14:23:51,533 INFO L136 SettingsManager]: Preferences of Abstract Interpretation differ from their defaults: [2022-12-14 14:23:51,533 INFO L138 SettingsManager]: * Explicit value domain=true [2022-12-14 14:23:51,533 INFO L138 SettingsManager]: * Abstract domain for RCFG-of-the-future=PoormanAbstractDomain [2022-12-14 14:23:51,534 INFO L138 SettingsManager]: * Octagon Domain=false [2022-12-14 14:23:51,534 INFO L138 SettingsManager]: * Abstract domain=CompoundDomain [2022-12-14 14:23:51,534 INFO L138 SettingsManager]: * Check feasibility of abstract posts with an SMT solver=true [2022-12-14 14:23:51,534 INFO L138 SettingsManager]: * Use the RCFG-of-the-future interface=true [2022-12-14 14:23:51,534 INFO L138 SettingsManager]: * Interval Domain=false [2022-12-14 14:23:51,535 INFO L136 SettingsManager]: Preferences of Sifa differ from their defaults: [2022-12-14 14:23:51,535 INFO L138 SettingsManager]: * Call Summarizer=TopInputCallSummarizer [2022-12-14 14:23:51,535 INFO L138 SettingsManager]: * Simplification Technique=POLY_PAC [2022-12-14 14:23:51,536 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-12-14 14:23:51,536 INFO L138 SettingsManager]: * sizeof long=4 [2022-12-14 14:23:51,536 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-12-14 14:23:51,536 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-12-14 14:23:51,536 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-12-14 14:23:51,537 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-12-14 14:23:51,537 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-12-14 14:23:51,537 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-12-14 14:23:51,537 INFO L138 SettingsManager]: * sizeof long double=12 [2022-12-14 14:23:51,537 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-12-14 14:23:51,538 INFO L138 SettingsManager]: * Use constant arrays=true [2022-12-14 14:23:51,538 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-12-14 14:23:51,538 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-12-14 14:23:51,538 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-12-14 14:23:51,538 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-12-14 14:23:51,539 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-12-14 14:23:51,539 INFO L138 SettingsManager]: * Abstract interpretation Mode=USE_PREDICATES [2022-12-14 14:23:51,539 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-12-14 14:23:51,539 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-12-14 14:23:51,539 INFO L138 SettingsManager]: * Trace refinement strategy=SIFA_TAIPAN [2022-12-14 14:23:51,540 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-12-14 14:23:51,540 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-12-14 14:23:51,540 INFO L138 SettingsManager]: * Trace refinement exception blacklist=NONE [2022-12-14 14:23:51,540 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9a11a149-0f16-43e8-a2b0-e2745489b5ee/bin/utaipan-gh47qXpMRh/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9a11a149-0f16-43e8-a2b0-e2745489b5ee/bin/utaipan-gh47qXpMRh Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Taipan Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 323b2112d56f35ec9fc5a7837411d8e54d2d46e3d8981d77e080eaf0dd99497b [2022-12-14 14:23:51,726 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-12-14 14:23:51,746 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-12-14 14:23:51,748 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-12-14 14:23:51,749 INFO L271 PluginConnector]: Initializing CDTParser... [2022-12-14 14:23:51,750 INFO L275 PluginConnector]: CDTParser initialized [2022-12-14 14:23:51,751 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9a11a149-0f16-43e8-a2b0-e2745489b5ee/bin/utaipan-gh47qXpMRh/../../sv-benchmarks/c/product-lines/minepump_spec5_product64.cil.c [2022-12-14 14:23:54,337 INFO L500 CDTParser]: Created temporary CDT project at NULL [2022-12-14 14:23:54,540 INFO L351 CDTParser]: Found 1 translation units. [2022-12-14 14:23:54,541 INFO L172 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9a11a149-0f16-43e8-a2b0-e2745489b5ee/sv-benchmarks/c/product-lines/minepump_spec5_product64.cil.c [2022-12-14 14:23:54,552 INFO L394 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9a11a149-0f16-43e8-a2b0-e2745489b5ee/bin/utaipan-gh47qXpMRh/data/62b8b391e/f8d631dfd8e844dc8c5b31629b49f588/FLAG6c334285d [2022-12-14 14:23:54,915 INFO L402 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9a11a149-0f16-43e8-a2b0-e2745489b5ee/bin/utaipan-gh47qXpMRh/data/62b8b391e/f8d631dfd8e844dc8c5b31629b49f588 [2022-12-14 14:23:54,917 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-12-14 14:23:54,918 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-12-14 14:23:54,919 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-12-14 14:23:54,919 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-12-14 14:23:54,922 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-12-14 14:23:54,923 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 14.12 02:23:54" (1/1) ... [2022-12-14 14:23:54,924 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@10068e1a and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.12 02:23:54, skipping insertion in model container [2022-12-14 14:23:54,924 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 14.12 02:23:54" (1/1) ... [2022-12-14 14:23:54,929 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-12-14 14:23:54,954 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-12-14 14:23:55,091 WARN L237 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9a11a149-0f16-43e8-a2b0-e2745489b5ee/sv-benchmarks/c/product-lines/minepump_spec5_product64.cil.c[9626,9639] [2022-12-14 14:23:55,128 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-12-14 14:23:55,136 INFO L203 MainTranslator]: Completed pre-run [2022-12-14 14:23:55,172 WARN L237 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9a11a149-0f16-43e8-a2b0-e2745489b5ee/sv-benchmarks/c/product-lines/minepump_spec5_product64.cil.c[9626,9639] [2022-12-14 14:23:55,206 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-12-14 14:23:55,226 INFO L208 MainTranslator]: Completed translation [2022-12-14 14:23:55,226 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.12 02:23:55 WrapperNode [2022-12-14 14:23:55,226 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-12-14 14:23:55,227 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-12-14 14:23:55,227 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-12-14 14:23:55,228 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-12-14 14:23:55,234 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.12 02:23:55" (1/1) ... [2022-12-14 14:23:55,250 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.12 02:23:55" (1/1) ... [2022-12-14 14:23:55,275 INFO L138 Inliner]: procedures = 61, calls = 110, calls flagged for inlining = 27, calls inlined = 24, statements flattened = 246 [2022-12-14 14:23:55,275 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-12-14 14:23:55,276 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-12-14 14:23:55,276 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-12-14 14:23:55,276 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-12-14 14:23:55,285 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.12 02:23:55" (1/1) ... [2022-12-14 14:23:55,285 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.12 02:23:55" (1/1) ... [2022-12-14 14:23:55,288 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.12 02:23:55" (1/1) ... [2022-12-14 14:23:55,288 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.12 02:23:55" (1/1) ... [2022-12-14 14:23:55,294 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.12 02:23:55" (1/1) ... [2022-12-14 14:23:55,298 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.12 02:23:55" (1/1) ... [2022-12-14 14:23:55,300 INFO L185 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.12 02:23:55" (1/1) ... [2022-12-14 14:23:55,301 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.12 02:23:55" (1/1) ... [2022-12-14 14:23:55,303 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-12-14 14:23:55,303 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-12-14 14:23:55,303 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-12-14 14:23:55,303 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-12-14 14:23:55,304 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.12 02:23:55" (1/1) ... [2022-12-14 14:23:55,309 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-12-14 14:23:55,320 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9a11a149-0f16-43e8-a2b0-e2745489b5ee/bin/utaipan-gh47qXpMRh/z3 [2022-12-14 14:23:55,332 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9a11a149-0f16-43e8-a2b0-e2745489b5ee/bin/utaipan-gh47qXpMRh/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-12-14 14:23:55,334 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9a11a149-0f16-43e8-a2b0-e2745489b5ee/bin/utaipan-gh47qXpMRh/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-12-14 14:23:55,366 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-12-14 14:23:55,366 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-12-14 14:23:55,366 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-12-14 14:23:55,366 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-12-14 14:23:55,367 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-12-14 14:23:55,367 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-12-14 14:23:55,367 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-12-14 14:23:55,367 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2022-12-14 14:23:55,367 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2022-12-14 14:23:55,367 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-12-14 14:23:55,367 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-12-14 14:23:55,367 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__methaneQuery [2022-12-14 14:23:55,367 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__methaneQuery [2022-12-14 14:23:55,367 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2022-12-14 14:23:55,368 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2022-12-14 14:23:55,368 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2022-12-14 14:23:55,368 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2022-12-14 14:23:55,368 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2022-12-14 14:23:55,368 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2022-12-14 14:23:55,368 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-12-14 14:23:55,368 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-12-14 14:23:55,368 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-12-14 14:23:55,369 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-12-14 14:23:55,369 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-12-14 14:23:55,428 INFO L235 CfgBuilder]: Building ICFG [2022-12-14 14:23:55,430 INFO L261 CfgBuilder]: Building CFG for each procedure with an implementation [2022-12-14 14:23:55,656 INFO L276 CfgBuilder]: Performing block encoding [2022-12-14 14:23:55,731 INFO L295 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-12-14 14:23:55,732 INFO L300 CfgBuilder]: Removed 2 assume(true) statements. [2022-12-14 14:23:55,733 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 14.12 02:23:55 BoogieIcfgContainer [2022-12-14 14:23:55,734 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-12-14 14:23:55,735 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-12-14 14:23:55,735 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-12-14 14:23:55,737 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-12-14 14:23:55,738 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 14.12 02:23:54" (1/3) ... [2022-12-14 14:23:55,738 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@11891d2a and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 14.12 02:23:55, skipping insertion in model container [2022-12-14 14:23:55,738 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.12 02:23:55" (2/3) ... [2022-12-14 14:23:55,738 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@11891d2a and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 14.12 02:23:55, skipping insertion in model container [2022-12-14 14:23:55,738 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 14.12 02:23:55" (3/3) ... [2022-12-14 14:23:55,739 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product64.cil.c [2022-12-14 14:23:55,753 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-12-14 14:23:55,753 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-12-14 14:23:55,787 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-12-14 14:23:55,791 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@69c55405, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2022-12-14 14:23:55,791 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-12-14 14:23:55,794 INFO L276 IsEmpty]: Start isEmpty. Operand has 80 states, 49 states have (on average 1.4285714285714286) internal successors, (70), 60 states have internal predecessors, (70), 19 states have call successors, (19), 10 states have call predecessors, (19), 10 states have return successors, (19), 14 states have call predecessors, (19), 19 states have call successors, (19) [2022-12-14 14:23:55,800 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 22 [2022-12-14 14:23:55,801 INFO L187 NwaCegarLoop]: Found error trace [2022-12-14 14:23:55,801 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-12-14 14:23:55,801 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-12-14 14:23:55,805 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-12-14 14:23:55,805 INFO L85 PathProgramCache]: Analyzing trace with hash -208248982, now seen corresponding path program 1 times [2022-12-14 14:23:55,812 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-12-14 14:23:55,812 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [449347104] [2022-12-14 14:23:55,812 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-12-14 14:23:55,813 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-12-14 14:23:55,884 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-12-14 14:23:55,929 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-12-14 14:23:55,929 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-12-14 14:23:55,929 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [449347104] [2022-12-14 14:23:55,930 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [449347104] provided 1 perfect and 0 imperfect interpolant sequences [2022-12-14 14:23:55,930 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-12-14 14:23:55,930 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-12-14 14:23:55,931 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1207821006] [2022-12-14 14:23:55,932 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-12-14 14:23:55,935 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-12-14 14:23:55,935 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-12-14 14:23:55,957 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-12-14 14:23:55,957 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-12-14 14:23:55,959 INFO L87 Difference]: Start difference. First operand has 80 states, 49 states have (on average 1.4285714285714286) internal successors, (70), 60 states have internal predecessors, (70), 19 states have call successors, (19), 10 states have call predecessors, (19), 10 states have return successors, (19), 14 states have call predecessors, (19), 19 states have call successors, (19) Second operand has 2 states, 2 states have (on average 7.0) internal successors, (14), 2 states have internal predecessors, (14), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-12-14 14:23:56,021 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-12-14 14:23:56,021 INFO L93 Difference]: Finished difference Result 158 states and 217 transitions. [2022-12-14 14:23:56,022 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-12-14 14:23:56,024 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 7.0) internal successors, (14), 2 states have internal predecessors, (14), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 21 [2022-12-14 14:23:56,024 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-12-14 14:23:56,032 INFO L225 Difference]: With dead ends: 158 [2022-12-14 14:23:56,033 INFO L226 Difference]: Without dead ends: 75 [2022-12-14 14:23:56,036 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-12-14 14:23:56,039 INFO L413 NwaCegarLoop]: 86 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 19 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 86 SdHoareTripleChecker+Invalid, 20 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 19 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-12-14 14:23:56,040 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 86 Invalid, 20 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 19 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-12-14 14:23:56,054 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 75 states. [2022-12-14 14:23:56,071 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 75 to 75. [2022-12-14 14:23:56,072 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 75 states, 46 states have (on average 1.3478260869565217) internal successors, (62), 56 states have internal predecessors, (62), 19 states have call successors, (19), 10 states have call predecessors, (19), 9 states have return successors, (18), 13 states have call predecessors, (18), 18 states have call successors, (18) [2022-12-14 14:23:56,073 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 75 states to 75 states and 99 transitions. [2022-12-14 14:23:56,074 INFO L78 Accepts]: Start accepts. Automaton has 75 states and 99 transitions. Word has length 21 [2022-12-14 14:23:56,074 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-12-14 14:23:56,074 INFO L495 AbstractCegarLoop]: Abstraction has 75 states and 99 transitions. [2022-12-14 14:23:56,074 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 7.0) internal successors, (14), 2 states have internal predecessors, (14), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-12-14 14:23:56,075 INFO L276 IsEmpty]: Start isEmpty. Operand 75 states and 99 transitions. [2022-12-14 14:23:56,076 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 23 [2022-12-14 14:23:56,076 INFO L187 NwaCegarLoop]: Found error trace [2022-12-14 14:23:56,076 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-12-14 14:23:56,077 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-12-14 14:23:56,077 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-12-14 14:23:56,077 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-12-14 14:23:56,078 INFO L85 PathProgramCache]: Analyzing trace with hash 1670362921, now seen corresponding path program 1 times [2022-12-14 14:23:56,078 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-12-14 14:23:56,078 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1901655502] [2022-12-14 14:23:56,078 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-12-14 14:23:56,078 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-12-14 14:23:56,097 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-12-14 14:23:56,166 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-12-14 14:23:56,167 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-12-14 14:23:56,167 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1901655502] [2022-12-14 14:23:56,167 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1901655502] provided 1 perfect and 0 imperfect interpolant sequences [2022-12-14 14:23:56,167 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-12-14 14:23:56,167 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-12-14 14:23:56,168 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [729745431] [2022-12-14 14:23:56,168 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-12-14 14:23:56,169 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-12-14 14:23:56,169 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-12-14 14:23:56,169 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-12-14 14:23:56,170 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-12-14 14:23:56,170 INFO L87 Difference]: Start difference. First operand 75 states and 99 transitions. Second operand has 3 states, 3 states have (on average 5.0) internal successors, (15), 3 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-12-14 14:23:56,214 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-12-14 14:23:56,214 INFO L93 Difference]: Finished difference Result 122 states and 160 transitions. [2022-12-14 14:23:56,215 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-12-14 14:23:56,215 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 5.0) internal successors, (15), 3 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 22 [2022-12-14 14:23:56,215 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-12-14 14:23:56,216 INFO L225 Difference]: With dead ends: 122 [2022-12-14 14:23:56,216 INFO L226 Difference]: Without dead ends: 67 [2022-12-14 14:23:56,217 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-12-14 14:23:56,218 INFO L413 NwaCegarLoop]: 72 mSDtfsCounter, 14 mSDsluCounter, 56 mSDsCounter, 0 mSdLazyCounter, 28 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 18 SdHoareTripleChecker+Valid, 128 SdHoareTripleChecker+Invalid, 28 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 28 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-12-14 14:23:56,219 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [18 Valid, 128 Invalid, 28 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 28 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-12-14 14:23:56,220 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 67 states. [2022-12-14 14:23:56,227 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 67 to 67. [2022-12-14 14:23:56,227 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 67 states, 41 states have (on average 1.3658536585365855) internal successors, (56), 51 states have internal predecessors, (56), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) [2022-12-14 14:23:56,229 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 67 states to 67 states and 88 transitions. [2022-12-14 14:23:56,229 INFO L78 Accepts]: Start accepts. Automaton has 67 states and 88 transitions. Word has length 22 [2022-12-14 14:23:56,229 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-12-14 14:23:56,229 INFO L495 AbstractCegarLoop]: Abstraction has 67 states and 88 transitions. [2022-12-14 14:23:56,229 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 5.0) internal successors, (15), 3 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-12-14 14:23:56,229 INFO L276 IsEmpty]: Start isEmpty. Operand 67 states and 88 transitions. [2022-12-14 14:23:56,230 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2022-12-14 14:23:56,230 INFO L187 NwaCegarLoop]: Found error trace [2022-12-14 14:23:56,231 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-12-14 14:23:56,231 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-12-14 14:23:56,231 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-12-14 14:23:56,231 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-12-14 14:23:56,232 INFO L85 PathProgramCache]: Analyzing trace with hash 1052609523, now seen corresponding path program 1 times [2022-12-14 14:23:56,232 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-12-14 14:23:56,232 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2047459741] [2022-12-14 14:23:56,232 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-12-14 14:23:56,232 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-12-14 14:23:56,251 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-12-14 14:23:56,340 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-12-14 14:23:56,340 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-12-14 14:23:56,340 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2047459741] [2022-12-14 14:23:56,341 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2047459741] provided 1 perfect and 0 imperfect interpolant sequences [2022-12-14 14:23:56,341 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-12-14 14:23:56,341 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-12-14 14:23:56,341 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [764380605] [2022-12-14 14:23:56,341 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-12-14 14:23:56,342 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-12-14 14:23:56,342 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-12-14 14:23:56,342 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-12-14 14:23:56,342 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-12-14 14:23:56,343 INFO L87 Difference]: Start difference. First operand 67 states and 88 transitions. Second operand has 4 states, 4 states have (on average 4.75) internal successors, (19), 4 states have internal predecessors, (19), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-12-14 14:23:56,433 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-12-14 14:23:56,433 INFO L93 Difference]: Finished difference Result 168 states and 221 transitions. [2022-12-14 14:23:56,433 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-12-14 14:23:56,433 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 4.75) internal successors, (19), 4 states have internal predecessors, (19), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 25 [2022-12-14 14:23:56,434 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-12-14 14:23:56,434 INFO L225 Difference]: With dead ends: 168 [2022-12-14 14:23:56,434 INFO L226 Difference]: Without dead ends: 103 [2022-12-14 14:23:56,435 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-12-14 14:23:56,436 INFO L413 NwaCegarLoop]: 83 mSDtfsCounter, 109 mSDsluCounter, 99 mSDsCounter, 0 mSdLazyCounter, 47 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 113 SdHoareTripleChecker+Valid, 182 SdHoareTripleChecker+Invalid, 56 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 47 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-12-14 14:23:56,436 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [113 Valid, 182 Invalid, 56 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 47 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-12-14 14:23:56,437 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 103 states. [2022-12-14 14:23:56,445 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 103 to 100. [2022-12-14 14:23:56,446 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 100 states, 63 states have (on average 1.3650793650793651) internal successors, (86), 76 states have internal predecessors, (86), 22 states have call successors, (22), 14 states have call predecessors, (22), 14 states have return successors, (23), 16 states have call predecessors, (23), 22 states have call successors, (23) [2022-12-14 14:23:56,446 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 100 states to 100 states and 131 transitions. [2022-12-14 14:23:56,447 INFO L78 Accepts]: Start accepts. Automaton has 100 states and 131 transitions. Word has length 25 [2022-12-14 14:23:56,447 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-12-14 14:23:56,447 INFO L495 AbstractCegarLoop]: Abstraction has 100 states and 131 transitions. [2022-12-14 14:23:56,447 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 4.75) internal successors, (19), 4 states have internal predecessors, (19), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-12-14 14:23:56,447 INFO L276 IsEmpty]: Start isEmpty. Operand 100 states and 131 transitions. [2022-12-14 14:23:56,448 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 29 [2022-12-14 14:23:56,448 INFO L187 NwaCegarLoop]: Found error trace [2022-12-14 14:23:56,448 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-12-14 14:23:56,448 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-12-14 14:23:56,448 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-12-14 14:23:56,449 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-12-14 14:23:56,449 INFO L85 PathProgramCache]: Analyzing trace with hash 1934052584, now seen corresponding path program 1 times [2022-12-14 14:23:56,449 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-12-14 14:23:56,449 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1610215775] [2022-12-14 14:23:56,449 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-12-14 14:23:56,449 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-12-14 14:23:56,460 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-12-14 14:23:56,532 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 1 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-12-14 14:23:56,532 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-12-14 14:23:56,533 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1610215775] [2022-12-14 14:23:56,533 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1610215775] provided 1 perfect and 0 imperfect interpolant sequences [2022-12-14 14:23:56,533 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-12-14 14:23:56,533 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-12-14 14:23:56,533 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1545107030] [2022-12-14 14:23:56,533 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-12-14 14:23:56,534 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-12-14 14:23:56,534 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-12-14 14:23:56,534 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-12-14 14:23:56,534 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-12-14 14:23:56,535 INFO L87 Difference]: Start difference. First operand 100 states and 131 transitions. Second operand has 6 states, 5 states have (on average 4.6) internal successors, (23), 5 states have internal predecessors, (23), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-12-14 14:23:56,685 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-12-14 14:23:56,685 INFO L93 Difference]: Finished difference Result 243 states and 329 transitions. [2022-12-14 14:23:56,685 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-12-14 14:23:56,685 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 4.6) internal successors, (23), 5 states have internal predecessors, (23), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 28 [2022-12-14 14:23:56,686 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-12-14 14:23:56,688 INFO L225 Difference]: With dead ends: 243 [2022-12-14 14:23:56,688 INFO L226 Difference]: Without dead ends: 145 [2022-12-14 14:23:56,688 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 10 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2022-12-14 14:23:56,689 INFO L413 NwaCegarLoop]: 78 mSDtfsCounter, 46 mSDsluCounter, 252 mSDsCounter, 0 mSdLazyCounter, 139 mSolverCounterSat, 10 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 47 SdHoareTripleChecker+Valid, 330 SdHoareTripleChecker+Invalid, 149 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 10 IncrementalHoareTripleChecker+Valid, 139 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-12-14 14:23:56,690 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [47 Valid, 330 Invalid, 149 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [10 Valid, 139 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-12-14 14:23:56,690 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 145 states. [2022-12-14 14:23:56,701 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 145 to 138. [2022-12-14 14:23:56,702 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 138 states, 90 states have (on average 1.2777777777777777) internal successors, (115), 101 states have internal predecessors, (115), 26 states have call successors, (26), 21 states have call predecessors, (26), 21 states have return successors, (34), 24 states have call predecessors, (34), 26 states have call successors, (34) [2022-12-14 14:23:56,702 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 138 states to 138 states and 175 transitions. [2022-12-14 14:23:56,703 INFO L78 Accepts]: Start accepts. Automaton has 138 states and 175 transitions. Word has length 28 [2022-12-14 14:23:56,703 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-12-14 14:23:56,703 INFO L495 AbstractCegarLoop]: Abstraction has 138 states and 175 transitions. [2022-12-14 14:23:56,703 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 4.6) internal successors, (23), 5 states have internal predecessors, (23), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-12-14 14:23:56,703 INFO L276 IsEmpty]: Start isEmpty. Operand 138 states and 175 transitions. [2022-12-14 14:23:56,704 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 43 [2022-12-14 14:23:56,704 INFO L187 NwaCegarLoop]: Found error trace [2022-12-14 14:23:56,704 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-12-14 14:23:56,704 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-12-14 14:23:56,704 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-12-14 14:23:56,705 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-12-14 14:23:56,705 INFO L85 PathProgramCache]: Analyzing trace with hash -1953901153, now seen corresponding path program 1 times [2022-12-14 14:23:56,705 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-12-14 14:23:56,705 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1989759091] [2022-12-14 14:23:56,705 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-12-14 14:23:56,705 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-12-14 14:23:56,715 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-12-14 14:23:56,895 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-12-14 14:23:56,896 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-12-14 14:23:56,896 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1989759091] [2022-12-14 14:23:56,896 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1989759091] provided 1 perfect and 0 imperfect interpolant sequences [2022-12-14 14:23:56,896 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-12-14 14:23:56,896 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-12-14 14:23:56,896 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1191947139] [2022-12-14 14:23:56,897 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-12-14 14:23:56,897 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-12-14 14:23:56,897 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-12-14 14:23:56,898 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-12-14 14:23:56,898 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=19, Unknown=0, NotChecked=0, Total=30 [2022-12-14 14:23:56,898 INFO L87 Difference]: Start difference. First operand 138 states and 175 transitions. Second operand has 6 states, 6 states have (on average 5.0) internal successors, (30), 6 states have internal predecessors, (30), 5 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 5 states have call successors, (5) [2022-12-14 14:23:57,035 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-12-14 14:23:57,035 INFO L93 Difference]: Finished difference Result 416 states and 532 transitions. [2022-12-14 14:23:57,036 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-12-14 14:23:57,036 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.0) internal successors, (30), 6 states have internal predecessors, (30), 5 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 5 states have call successors, (5) Word has length 42 [2022-12-14 14:23:57,036 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-12-14 14:23:57,038 INFO L225 Difference]: With dead ends: 416 [2022-12-14 14:23:57,039 INFO L226 Difference]: Without dead ends: 280 [2022-12-14 14:23:57,040 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=16, Invalid=26, Unknown=0, NotChecked=0, Total=42 [2022-12-14 14:23:57,041 INFO L413 NwaCegarLoop]: 113 mSDtfsCounter, 115 mSDsluCounter, 190 mSDsCounter, 0 mSdLazyCounter, 149 mSolverCounterSat, 19 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 116 SdHoareTripleChecker+Valid, 303 SdHoareTripleChecker+Invalid, 168 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 19 IncrementalHoareTripleChecker+Valid, 149 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-12-14 14:23:57,041 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [116 Valid, 303 Invalid, 168 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [19 Valid, 149 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-12-14 14:23:57,042 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 280 states. [2022-12-14 14:23:57,078 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 280 to 273. [2022-12-14 14:23:57,079 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 273 states, 180 states have (on average 1.2777777777777777) internal successors, (230), 199 states have internal predecessors, (230), 50 states have call successors, (50), 42 states have call predecessors, (50), 42 states have return successors, (67), 45 states have call predecessors, (67), 50 states have call successors, (67) [2022-12-14 14:23:57,081 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 273 states to 273 states and 347 transitions. [2022-12-14 14:23:57,081 INFO L78 Accepts]: Start accepts. Automaton has 273 states and 347 transitions. Word has length 42 [2022-12-14 14:23:57,081 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-12-14 14:23:57,081 INFO L495 AbstractCegarLoop]: Abstraction has 273 states and 347 transitions. [2022-12-14 14:23:57,081 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 5.0) internal successors, (30), 6 states have internal predecessors, (30), 5 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 5 states have call successors, (5) [2022-12-14 14:23:57,082 INFO L276 IsEmpty]: Start isEmpty. Operand 273 states and 347 transitions. [2022-12-14 14:23:57,083 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 49 [2022-12-14 14:23:57,083 INFO L187 NwaCegarLoop]: Found error trace [2022-12-14 14:23:57,084 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-12-14 14:23:57,084 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-12-14 14:23:57,084 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-12-14 14:23:57,084 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-12-14 14:23:57,084 INFO L85 PathProgramCache]: Analyzing trace with hash -418109188, now seen corresponding path program 1 times [2022-12-14 14:23:57,085 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-12-14 14:23:57,085 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [631950976] [2022-12-14 14:23:57,085 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-12-14 14:23:57,085 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-12-14 14:23:57,097 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-12-14 14:23:57,121 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-12-14 14:23:57,121 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-12-14 14:23:57,121 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [631950976] [2022-12-14 14:23:57,121 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [631950976] provided 1 perfect and 0 imperfect interpolant sequences [2022-12-14 14:23:57,121 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-12-14 14:23:57,121 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-12-14 14:23:57,121 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [354495722] [2022-12-14 14:23:57,122 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-12-14 14:23:57,122 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-12-14 14:23:57,122 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-12-14 14:23:57,122 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-12-14 14:23:57,123 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-12-14 14:23:57,123 INFO L87 Difference]: Start difference. First operand 273 states and 347 transitions. Second operand has 3 states, 3 states have (on average 11.333333333333334) internal successors, (34), 3 states have internal predecessors, (34), 3 states have call successors, (7), 2 states have call predecessors, (7), 1 states have return successors, (6), 3 states have call predecessors, (6), 3 states have call successors, (6) [2022-12-14 14:23:57,183 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-12-14 14:23:57,183 INFO L93 Difference]: Finished difference Result 550 states and 698 transitions. [2022-12-14 14:23:57,183 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-12-14 14:23:57,184 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 11.333333333333334) internal successors, (34), 3 states have internal predecessors, (34), 3 states have call successors, (7), 2 states have call predecessors, (7), 1 states have return successors, (6), 3 states have call predecessors, (6), 3 states have call successors, (6) Word has length 48 [2022-12-14 14:23:57,184 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-12-14 14:23:57,186 INFO L225 Difference]: With dead ends: 550 [2022-12-14 14:23:57,186 INFO L226 Difference]: Without dead ends: 279 [2022-12-14 14:23:57,188 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-12-14 14:23:57,189 INFO L413 NwaCegarLoop]: 92 mSDtfsCounter, 30 mSDsluCounter, 70 mSDsCounter, 0 mSdLazyCounter, 41 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 30 SdHoareTripleChecker+Valid, 162 SdHoareTripleChecker+Invalid, 41 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 41 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-12-14 14:23:57,189 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [30 Valid, 162 Invalid, 41 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 41 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-12-14 14:23:57,191 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 279 states. [2022-12-14 14:23:57,214 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 279 to 273. [2022-12-14 14:23:57,214 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 273 states, 180 states have (on average 1.2666666666666666) internal successors, (228), 199 states have internal predecessors, (228), 50 states have call successors, (50), 42 states have call predecessors, (50), 42 states have return successors, (62), 45 states have call predecessors, (62), 50 states have call successors, (62) [2022-12-14 14:23:57,215 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 273 states to 273 states and 340 transitions. [2022-12-14 14:23:57,216 INFO L78 Accepts]: Start accepts. Automaton has 273 states and 340 transitions. Word has length 48 [2022-12-14 14:23:57,216 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-12-14 14:23:57,216 INFO L495 AbstractCegarLoop]: Abstraction has 273 states and 340 transitions. [2022-12-14 14:23:57,216 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 11.333333333333334) internal successors, (34), 3 states have internal predecessors, (34), 3 states have call successors, (7), 2 states have call predecessors, (7), 1 states have return successors, (6), 3 states have call predecessors, (6), 3 states have call successors, (6) [2022-12-14 14:23:57,216 INFO L276 IsEmpty]: Start isEmpty. Operand 273 states and 340 transitions. [2022-12-14 14:23:57,217 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 46 [2022-12-14 14:23:57,217 INFO L187 NwaCegarLoop]: Found error trace [2022-12-14 14:23:57,217 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-12-14 14:23:57,217 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-12-14 14:23:57,218 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-12-14 14:23:57,218 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-12-14 14:23:57,218 INFO L85 PathProgramCache]: Analyzing trace with hash 987240237, now seen corresponding path program 1 times [2022-12-14 14:23:57,218 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-12-14 14:23:57,218 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1024593432] [2022-12-14 14:23:57,218 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-12-14 14:23:57,218 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-12-14 14:23:57,229 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-12-14 14:23:57,397 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-12-14 14:23:57,397 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-12-14 14:23:57,398 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1024593432] [2022-12-14 14:23:57,398 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1024593432] provided 1 perfect and 0 imperfect interpolant sequences [2022-12-14 14:23:57,398 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-12-14 14:23:57,398 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2022-12-14 14:23:57,398 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1573642249] [2022-12-14 14:23:57,398 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-12-14 14:23:57,398 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-12-14 14:23:57,399 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-12-14 14:23:57,399 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-12-14 14:23:57,399 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=17, Invalid=39, Unknown=0, NotChecked=0, Total=56 [2022-12-14 14:23:57,399 INFO L87 Difference]: Start difference. First operand 273 states and 340 transitions. Second operand has 8 states, 7 states have (on average 4.428571428571429) internal successors, (31), 7 states have internal predecessors, (31), 5 states have call successors, (7), 3 states have call predecessors, (7), 2 states have return successors, (6), 4 states have call predecessors, (6), 5 states have call successors, (6) [2022-12-14 14:23:57,831 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-12-14 14:23:57,831 INFO L93 Difference]: Finished difference Result 630 states and 802 transitions. [2022-12-14 14:23:57,832 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 15 states. [2022-12-14 14:23:57,832 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 4.428571428571429) internal successors, (31), 7 states have internal predecessors, (31), 5 states have call successors, (7), 3 states have call predecessors, (7), 2 states have return successors, (6), 4 states have call predecessors, (6), 5 states have call successors, (6) Word has length 45 [2022-12-14 14:23:57,832 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-12-14 14:23:57,835 INFO L225 Difference]: With dead ends: 630 [2022-12-14 14:23:57,835 INFO L226 Difference]: Without dead ends: 455 [2022-12-14 14:23:57,836 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 4 SyntacticMatches, 1 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 31 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=67, Invalid=143, Unknown=0, NotChecked=0, Total=210 [2022-12-14 14:23:57,837 INFO L413 NwaCegarLoop]: 84 mSDtfsCounter, 259 mSDsluCounter, 207 mSDsCounter, 0 mSdLazyCounter, 411 mSolverCounterSat, 108 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 268 SdHoareTripleChecker+Valid, 291 SdHoareTripleChecker+Invalid, 519 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 108 IncrementalHoareTripleChecker+Valid, 411 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-12-14 14:23:57,837 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [268 Valid, 291 Invalid, 519 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [108 Valid, 411 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2022-12-14 14:23:57,838 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 455 states. [2022-12-14 14:23:57,877 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 455 to 384. [2022-12-14 14:23:57,877 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 384 states, 256 states have (on average 1.25390625) internal successors, (321), 282 states have internal predecessors, (321), 68 states have call successors, (68), 53 states have call predecessors, (68), 59 states have return successors, (87), 67 states have call predecessors, (87), 68 states have call successors, (87) [2022-12-14 14:23:57,880 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 384 states to 384 states and 476 transitions. [2022-12-14 14:23:57,880 INFO L78 Accepts]: Start accepts. Automaton has 384 states and 476 transitions. Word has length 45 [2022-12-14 14:23:57,880 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-12-14 14:23:57,880 INFO L495 AbstractCegarLoop]: Abstraction has 384 states and 476 transitions. [2022-12-14 14:23:57,881 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 7 states have (on average 4.428571428571429) internal successors, (31), 7 states have internal predecessors, (31), 5 states have call successors, (7), 3 states have call predecessors, (7), 2 states have return successors, (6), 4 states have call predecessors, (6), 5 states have call successors, (6) [2022-12-14 14:23:57,881 INFO L276 IsEmpty]: Start isEmpty. Operand 384 states and 476 transitions. [2022-12-14 14:23:57,882 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 81 [2022-12-14 14:23:57,882 INFO L187 NwaCegarLoop]: Found error trace [2022-12-14 14:23:57,882 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-12-14 14:23:57,883 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2022-12-14 14:23:57,883 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-12-14 14:23:57,883 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-12-14 14:23:57,883 INFO L85 PathProgramCache]: Analyzing trace with hash -388470112, now seen corresponding path program 1 times [2022-12-14 14:23:57,883 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-12-14 14:23:57,883 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1216130742] [2022-12-14 14:23:57,884 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-12-14 14:23:57,884 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-12-14 14:23:57,900 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-12-14 14:23:58,059 INFO L134 CoverageAnalysis]: Checked inductivity of 37 backedges. 9 proven. 14 refuted. 0 times theorem prover too weak. 14 trivial. 0 not checked. [2022-12-14 14:23:58,059 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-12-14 14:23:58,059 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1216130742] [2022-12-14 14:23:58,059 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1216130742] provided 0 perfect and 1 imperfect interpolant sequences [2022-12-14 14:23:58,059 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [400627313] [2022-12-14 14:23:58,060 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-12-14 14:23:58,060 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-12-14 14:23:58,060 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9a11a149-0f16-43e8-a2b0-e2745489b5ee/bin/utaipan-gh47qXpMRh/z3 [2022-12-14 14:23:58,061 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9a11a149-0f16-43e8-a2b0-e2745489b5ee/bin/utaipan-gh47qXpMRh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-12-14 14:23:58,062 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9a11a149-0f16-43e8-a2b0-e2745489b5ee/bin/utaipan-gh47qXpMRh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-12-14 14:23:58,148 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-12-14 14:23:58,151 INFO L263 TraceCheckSpWp]: Trace formula consists of 362 conjuncts, 22 conjunts are in the unsatisfiable core [2022-12-14 14:23:58,157 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-12-14 14:23:58,291 INFO L134 CoverageAnalysis]: Checked inductivity of 37 backedges. 36 proven. 1 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-12-14 14:23:58,292 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-12-14 14:23:58,440 INFO L134 CoverageAnalysis]: Checked inductivity of 37 backedges. 16 proven. 1 refuted. 0 times theorem prover too weak. 20 trivial. 0 not checked. [2022-12-14 14:23:58,440 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [400627313] provided 0 perfect and 2 imperfect interpolant sequences [2022-12-14 14:23:58,440 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [682827673] [2022-12-14 14:23:58,464 INFO L159 IcfgInterpreter]: Started Sifa with 46 locations of interest [2022-12-14 14:23:58,464 INFO L166 IcfgInterpreter]: Building call graph [2022-12-14 14:23:58,468 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-12-14 14:23:58,472 INFO L176 IcfgInterpreter]: Starting interpretation [2022-12-14 14:23:58,472 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-12-14 14:24:00,532 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 51 for LOIs [2022-12-14 14:24:00,538 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 49 for LOIs [2022-12-14 14:24:01,001 INFO L197 IcfgInterpreter]: Interpreting procedure isPumpRunning with input of size 24 for LOIs [2022-12-14 14:24:01,002 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__methaneQuery with input of size 29 for LOIs [2022-12-14 14:24:01,041 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 26 for LOIs [2022-12-14 14:24:01,135 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneAlarm with input of size 28 for LOIs [2022-12-14 14:24:01,137 INFO L180 IcfgInterpreter]: Interpretation finished [2022-12-14 14:24:05,717 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '6115#(and (= |timeShift___utac_acc__Specification5_spec__3_~tmp~0#1| |timeShift_getWaterLevel_#res#1|) (= ~pumpRunning~0 |timeShift___utac_acc__Specification5_spec__3_~tmp___0~0#1|) (= ~methaneLevelCritical~0 0) (= |timeShift_getWaterLevel_~retValue_acc~5#1| |timeShift_getWaterLevel_#res#1|) (= ~head~0.offset 0) (= 1 ~systemActive~0) (= |old(~pumpRunning~0)| 0) (= |timeShift_getWaterLevel_~retValue_acc~5#1| ~waterLevel~0) (= |old(~waterLevel~0)| ~waterLevel~0) (= ~head~0.base 0) (= |#NULL.offset| 0) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp~0#1| 2)) (<= |timeShift_getWaterLevel_~retValue_acc~5#1| 2147483647) (= ~switchedOnBeforeTS~0 0) (<= 0 |#StackHeapBarrier|) (= ~pumpRunning~0 1) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0) (<= 2 |timeShift_getWaterLevel_~retValue_acc~5#1|) (= |old(~switchedOnBeforeTS~0)| 0))' at error location [2022-12-14 14:24:05,717 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-12-14 14:24:05,718 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-12-14 14:24:05,718 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [8, 6, 6] total 14 [2022-12-14 14:24:05,718 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1315807729] [2022-12-14 14:24:05,718 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-12-14 14:24:05,719 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 14 states [2022-12-14 14:24:05,719 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-12-14 14:24:05,719 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 14 interpolants. [2022-12-14 14:24:05,720 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=243, Invalid=1827, Unknown=0, NotChecked=0, Total=2070 [2022-12-14 14:24:05,721 INFO L87 Difference]: Start difference. First operand 384 states and 476 transitions. Second operand has 14 states, 13 states have (on average 7.153846153846154) internal successors, (93), 13 states have internal predecessors, (93), 5 states have call successors, (20), 4 states have call predecessors, (20), 5 states have return successors, (21), 7 states have call predecessors, (21), 5 states have call successors, (21) [2022-12-14 14:24:08,367 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-12-14 14:24:08,367 INFO L93 Difference]: Finished difference Result 4054 states and 5376 transitions. [2022-12-14 14:24:08,368 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 76 states. [2022-12-14 14:24:08,368 INFO L78 Accepts]: Start accepts. Automaton has has 14 states, 13 states have (on average 7.153846153846154) internal successors, (93), 13 states have internal predecessors, (93), 5 states have call successors, (20), 4 states have call predecessors, (20), 5 states have return successors, (21), 7 states have call predecessors, (21), 5 states have call successors, (21) Word has length 80 [2022-12-14 14:24:08,368 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-12-14 14:24:08,383 INFO L225 Difference]: With dead ends: 4054 [2022-12-14 14:24:08,383 INFO L226 Difference]: Without dead ends: 2858 [2022-12-14 14:24:08,390 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 338 GetRequests, 218 SyntacticMatches, 11 SemanticMatches, 109 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4707 ImplicationChecksByTransitivity, 5.6s TimeCoverageRelationStatistics Valid=994, Invalid=11216, Unknown=0, NotChecked=0, Total=12210 [2022-12-14 14:24:08,391 INFO L413 NwaCegarLoop]: 386 mSDtfsCounter, 976 mSDsluCounter, 2018 mSDsCounter, 0 mSdLazyCounter, 2902 mSolverCounterSat, 968 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 985 SdHoareTripleChecker+Valid, 2404 SdHoareTripleChecker+Invalid, 3870 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 968 IncrementalHoareTripleChecker+Valid, 2902 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.4s IncrementalHoareTripleChecker+Time [2022-12-14 14:24:08,392 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [985 Valid, 2404 Invalid, 3870 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [968 Valid, 2902 Invalid, 0 Unknown, 0 Unchecked, 1.4s Time] [2022-12-14 14:24:08,395 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 2858 states. [2022-12-14 14:24:08,575 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 2858 to 2010. [2022-12-14 14:24:08,579 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2010 states, 1358 states have (on average 1.2231222385861562) internal successors, (1661), 1469 states have internal predecessors, (1661), 330 states have call successors, (330), 290 states have call predecessors, (330), 321 states have return successors, (457), 327 states have call predecessors, (457), 330 states have call successors, (457) [2022-12-14 14:24:08,588 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2010 states to 2010 states and 2448 transitions. [2022-12-14 14:24:08,589 INFO L78 Accepts]: Start accepts. Automaton has 2010 states and 2448 transitions. Word has length 80 [2022-12-14 14:24:08,589 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-12-14 14:24:08,589 INFO L495 AbstractCegarLoop]: Abstraction has 2010 states and 2448 transitions. [2022-12-14 14:24:08,590 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 14 states, 13 states have (on average 7.153846153846154) internal successors, (93), 13 states have internal predecessors, (93), 5 states have call successors, (20), 4 states have call predecessors, (20), 5 states have return successors, (21), 7 states have call predecessors, (21), 5 states have call successors, (21) [2022-12-14 14:24:08,590 INFO L276 IsEmpty]: Start isEmpty. Operand 2010 states and 2448 transitions. [2022-12-14 14:24:08,594 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 85 [2022-12-14 14:24:08,594 INFO L187 NwaCegarLoop]: Found error trace [2022-12-14 14:24:08,594 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-12-14 14:24:08,601 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9a11a149-0f16-43e8-a2b0-e2745489b5ee/bin/utaipan-gh47qXpMRh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-12-14 14:24:08,795 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7,2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9a11a149-0f16-43e8-a2b0-e2745489b5ee/bin/utaipan-gh47qXpMRh/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-12-14 14:24:08,796 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-12-14 14:24:08,797 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-12-14 14:24:08,797 INFO L85 PathProgramCache]: Analyzing trace with hash -508944208, now seen corresponding path program 1 times [2022-12-14 14:24:08,798 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-12-14 14:24:08,798 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [786910880] [2022-12-14 14:24:08,798 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-12-14 14:24:08,799 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-12-14 14:24:08,870 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-12-14 14:24:09,092 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 6 proven. 17 refuted. 0 times theorem prover too weak. 9 trivial. 0 not checked. [2022-12-14 14:24:09,092 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-12-14 14:24:09,092 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [786910880] [2022-12-14 14:24:09,092 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [786910880] provided 0 perfect and 1 imperfect interpolant sequences [2022-12-14 14:24:09,092 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [908595047] [2022-12-14 14:24:09,093 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-12-14 14:24:09,093 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-12-14 14:24:09,093 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9a11a149-0f16-43e8-a2b0-e2745489b5ee/bin/utaipan-gh47qXpMRh/z3 [2022-12-14 14:24:09,094 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9a11a149-0f16-43e8-a2b0-e2745489b5ee/bin/utaipan-gh47qXpMRh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-12-14 14:24:09,094 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9a11a149-0f16-43e8-a2b0-e2745489b5ee/bin/utaipan-gh47qXpMRh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2022-12-14 14:24:09,154 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-12-14 14:24:09,155 INFO L263 TraceCheckSpWp]: Trace formula consists of 369 conjuncts, 13 conjunts are in the unsatisfiable core [2022-12-14 14:24:09,158 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-12-14 14:24:09,206 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 20 proven. 1 refuted. 0 times theorem prover too weak. 11 trivial. 0 not checked. [2022-12-14 14:24:09,206 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-12-14 14:24:09,298 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 7 proven. 1 refuted. 0 times theorem prover too weak. 24 trivial. 0 not checked. [2022-12-14 14:24:09,298 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [908595047] provided 0 perfect and 2 imperfect interpolant sequences [2022-12-14 14:24:09,298 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [747615024] [2022-12-14 14:24:09,301 INFO L159 IcfgInterpreter]: Started Sifa with 55 locations of interest [2022-12-14 14:24:09,301 INFO L166 IcfgInterpreter]: Building call graph [2022-12-14 14:24:09,302 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-12-14 14:24:09,302 INFO L176 IcfgInterpreter]: Starting interpretation [2022-12-14 14:24:09,302 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-12-14 14:24:11,057 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 53 for LOIs [2022-12-14 14:24:11,062 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 46 for LOIs [2022-12-14 14:24:11,427 INFO L197 IcfgInterpreter]: Interpreting procedure isPumpRunning with input of size 20 for LOIs [2022-12-14 14:24:11,428 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__methaneQuery with input of size 63 for LOIs [2022-12-14 14:24:11,815 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 52 for LOIs [2022-12-14 14:24:12,037 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneAlarm with input of size 58 for LOIs [2022-12-14 14:24:12,046 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__base with input of size 32 for LOIs [2022-12-14 14:24:12,047 INFO L180 IcfgInterpreter]: Interpretation finished [2022-12-14 14:24:16,452 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '16019#(and (= |timeShift___utac_acc__Specification5_spec__3_~tmp~0#1| |timeShift_getWaterLevel_#res#1|) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~0#1| 0)) (= ~pumpRunning~0 |timeShift___utac_acc__Specification5_spec__3_~tmp___0~0#1|) (= ~methaneLevelCritical~0 0) (= |timeShift_getWaterLevel_~retValue_acc~5#1| |timeShift_getWaterLevel_#res#1|) (<= 0 (+ 2147483648 |old(~pumpRunning~0)|)) (= ~head~0.offset 0) (<= |old(~pumpRunning~0)| 2147483647) (= 1 ~systemActive~0) (= |timeShift_getWaterLevel_~retValue_acc~5#1| ~waterLevel~0) (<= 0 (+ |timeShift___utac_acc__Specification5_spec__3_~tmp___0~0#1| 2147483648)) (<= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~0#1| 2147483647) (= ~head~0.base 0) (= |#NULL.offset| 0) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp~0#1| 2)) (<= |timeShift_getWaterLevel_~retValue_acc~5#1| 2147483647) (= ~switchedOnBeforeTS~0 0) (<= 0 |#StackHeapBarrier|) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0) (<= 0 (+ |timeShift___utac_acc__Specification5_spec__3_~tmp~0#1| 2147483648)))' at error location [2022-12-14 14:24:16,452 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-12-14 14:24:16,452 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-12-14 14:24:16,452 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 6, 6] total 16 [2022-12-14 14:24:16,452 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [494116367] [2022-12-14 14:24:16,452 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-12-14 14:24:16,453 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 16 states [2022-12-14 14:24:16,453 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-12-14 14:24:16,453 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 16 interpolants. [2022-12-14 14:24:16,454 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=333, Invalid=2747, Unknown=0, NotChecked=0, Total=3080 [2022-12-14 14:24:16,454 INFO L87 Difference]: Start difference. First operand 2010 states and 2448 transitions. Second operand has 16 states, 13 states have (on average 6.769230769230769) internal successors, (88), 12 states have internal predecessors, (88), 4 states have call successors, (20), 3 states have call predecessors, (20), 6 states have return successors, (24), 9 states have call predecessors, (24), 4 states have call successors, (24) [2022-12-14 14:24:18,806 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-12-14 14:24:18,806 INFO L93 Difference]: Finished difference Result 5173 states and 6578 transitions. [2022-12-14 14:24:18,806 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 93 states. [2022-12-14 14:24:18,806 INFO L78 Accepts]: Start accepts. Automaton has has 16 states, 13 states have (on average 6.769230769230769) internal successors, (88), 12 states have internal predecessors, (88), 4 states have call successors, (20), 3 states have call predecessors, (20), 6 states have return successors, (24), 9 states have call predecessors, (24), 4 states have call successors, (24) Word has length 84 [2022-12-14 14:24:18,807 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-12-14 14:24:18,820 INFO L225 Difference]: With dead ends: 5173 [2022-12-14 14:24:18,820 INFO L226 Difference]: Without dead ends: 4156 [2022-12-14 14:24:18,827 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 371 GetRequests, 229 SyntacticMatches, 5 SemanticMatches, 137 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 7441 ImplicationChecksByTransitivity, 5.5s TimeCoverageRelationStatistics Valid=1406, Invalid=17776, Unknown=0, NotChecked=0, Total=19182 [2022-12-14 14:24:18,827 INFO L413 NwaCegarLoop]: 305 mSDtfsCounter, 902 mSDsluCounter, 1248 mSDsCounter, 0 mSdLazyCounter, 2332 mSolverCounterSat, 728 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.8s Time, 0 mProtectedPredicate, 0 mProtectedAction, 909 SdHoareTripleChecker+Valid, 1553 SdHoareTripleChecker+Invalid, 3060 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 728 IncrementalHoareTripleChecker+Valid, 2332 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.0s IncrementalHoareTripleChecker+Time [2022-12-14 14:24:18,827 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [909 Valid, 1553 Invalid, 3060 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [728 Valid, 2332 Invalid, 0 Unknown, 0 Unchecked, 1.0s Time] [2022-12-14 14:24:18,830 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 4156 states. [2022-12-14 14:24:19,079 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 4156 to 3094. [2022-12-14 14:24:19,083 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3094 states, 2094 states have (on average 1.2268385864374403) internal successors, (2569), 2269 states have internal predecessors, (2569), 506 states have call successors, (506), 443 states have call predecessors, (506), 493 states have return successors, (736), 490 states have call predecessors, (736), 506 states have call successors, (736) [2022-12-14 14:24:19,090 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3094 states to 3094 states and 3811 transitions. [2022-12-14 14:24:19,091 INFO L78 Accepts]: Start accepts. Automaton has 3094 states and 3811 transitions. Word has length 84 [2022-12-14 14:24:19,091 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-12-14 14:24:19,091 INFO L495 AbstractCegarLoop]: Abstraction has 3094 states and 3811 transitions. [2022-12-14 14:24:19,091 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 16 states, 13 states have (on average 6.769230769230769) internal successors, (88), 12 states have internal predecessors, (88), 4 states have call successors, (20), 3 states have call predecessors, (20), 6 states have return successors, (24), 9 states have call predecessors, (24), 4 states have call successors, (24) [2022-12-14 14:24:19,092 INFO L276 IsEmpty]: Start isEmpty. Operand 3094 states and 3811 transitions. [2022-12-14 14:24:19,103 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 114 [2022-12-14 14:24:19,103 INFO L187 NwaCegarLoop]: Found error trace [2022-12-14 14:24:19,103 INFO L195 NwaCegarLoop]: trace histogram [5, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-12-14 14:24:19,109 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9a11a149-0f16-43e8-a2b0-e2745489b5ee/bin/utaipan-gh47qXpMRh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2022-12-14 14:24:19,304 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8,3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9a11a149-0f16-43e8-a2b0-e2745489b5ee/bin/utaipan-gh47qXpMRh/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-12-14 14:24:19,304 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-12-14 14:24:19,305 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-12-14 14:24:19,305 INFO L85 PathProgramCache]: Analyzing trace with hash 2008710285, now seen corresponding path program 1 times [2022-12-14 14:24:19,305 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-12-14 14:24:19,305 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [40749542] [2022-12-14 14:24:19,305 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-12-14 14:24:19,305 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-12-14 14:24:19,319 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-12-14 14:24:19,441 INFO L134 CoverageAnalysis]: Checked inductivity of 92 backedges. 42 proven. 1 refuted. 0 times theorem prover too weak. 49 trivial. 0 not checked. [2022-12-14 14:24:19,441 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-12-14 14:24:19,441 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [40749542] [2022-12-14 14:24:19,441 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [40749542] provided 0 perfect and 1 imperfect interpolant sequences [2022-12-14 14:24:19,441 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [750175537] [2022-12-14 14:24:19,442 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-12-14 14:24:19,442 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-12-14 14:24:19,442 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9a11a149-0f16-43e8-a2b0-e2745489b5ee/bin/utaipan-gh47qXpMRh/z3 [2022-12-14 14:24:19,443 INFO L229 MonitoredProcess]: Starting monitored process 4 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9a11a149-0f16-43e8-a2b0-e2745489b5ee/bin/utaipan-gh47qXpMRh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-12-14 14:24:19,443 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9a11a149-0f16-43e8-a2b0-e2745489b5ee/bin/utaipan-gh47qXpMRh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2022-12-14 14:24:19,529 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-12-14 14:24:19,531 INFO L263 TraceCheckSpWp]: Trace formula consists of 468 conjuncts, 34 conjunts are in the unsatisfiable core [2022-12-14 14:24:19,534 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-12-14 14:24:19,786 INFO L134 CoverageAnalysis]: Checked inductivity of 92 backedges. 45 proven. 45 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-12-14 14:24:19,786 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-12-14 14:24:20,382 INFO L134 CoverageAnalysis]: Checked inductivity of 92 backedges. 56 proven. 5 refuted. 0 times theorem prover too weak. 31 trivial. 0 not checked. [2022-12-14 14:24:20,382 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [750175537] provided 0 perfect and 2 imperfect interpolant sequences [2022-12-14 14:24:20,382 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [563907894] [2022-12-14 14:24:20,384 INFO L159 IcfgInterpreter]: Started Sifa with 52 locations of interest [2022-12-14 14:24:20,384 INFO L166 IcfgInterpreter]: Building call graph [2022-12-14 14:24:20,384 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-12-14 14:24:20,384 INFO L176 IcfgInterpreter]: Starting interpretation [2022-12-14 14:24:20,384 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-12-14 14:24:21,909 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 35 for LOIs [2022-12-14 14:24:21,911 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 30 for LOIs [2022-12-14 14:24:22,061 INFO L197 IcfgInterpreter]: Interpreting procedure isPumpRunning with input of size 54 for LOIs [2022-12-14 14:24:22,068 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__methaneQuery with input of size 26 for LOIs [2022-12-14 14:24:22,102 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 26 for LOIs [2022-12-14 14:24:22,196 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneAlarm with input of size 58 for LOIs [2022-12-14 14:24:22,205 INFO L180 IcfgInterpreter]: Interpretation finished [2022-12-14 14:24:26,070 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '29556#(and (= |timeShift___utac_acc__Specification5_spec__3_~tmp~0#1| |timeShift_getWaterLevel_#res#1|) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~0#1| 0)) (<= 0 |old(~pumpRunning~0)|) (<= ~pumpRunning~0 1) (= ~pumpRunning~0 |timeShift___utac_acc__Specification5_spec__3_~tmp___0~0#1|) (= ~methaneLevelCritical~0 0) (= |timeShift_getWaterLevel_~retValue_acc~5#1| |timeShift_getWaterLevel_#res#1|) (= ~head~0.offset 0) (= 1 ~systemActive~0) (= |timeShift_getWaterLevel_~retValue_acc~5#1| ~waterLevel~0) (<= |old(~pumpRunning~0)| 0) (<= 2 |old(~waterLevel~0)|) (<= 0 ~pumpRunning~0) (= ~head~0.base 0) (= |#NULL.offset| 0) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp~0#1| 2)) (<= |timeShift_getWaterLevel_~retValue_acc~5#1| 2147483647) (= ~switchedOnBeforeTS~0 0) (<= 0 |#StackHeapBarrier|) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0) (<= 2 |timeShift_getWaterLevel_~retValue_acc~5#1|))' at error location [2022-12-14 14:24:26,071 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-12-14 14:24:26,071 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-12-14 14:24:26,071 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [7, 13, 11] total 26 [2022-12-14 14:24:26,071 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [25825453] [2022-12-14 14:24:26,071 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-12-14 14:24:26,072 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 26 states [2022-12-14 14:24:26,072 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-12-14 14:24:26,073 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 26 interpolants. [2022-12-14 14:24:26,075 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=399, Invalid=3261, Unknown=0, NotChecked=0, Total=3660 [2022-12-14 14:24:26,075 INFO L87 Difference]: Start difference. First operand 3094 states and 3811 transitions. Second operand has 26 states, 25 states have (on average 6.56) internal successors, (164), 25 states have internal predecessors, (164), 14 states have call successors, (40), 6 states have call predecessors, (40), 11 states have return successors, (39), 15 states have call predecessors, (39), 13 states have call successors, (39) [2022-12-14 14:24:32,523 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-12-14 14:24:32,523 INFO L93 Difference]: Finished difference Result 11520 states and 14897 transitions. [2022-12-14 14:24:32,524 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 135 states. [2022-12-14 14:24:32,524 INFO L78 Accepts]: Start accepts. Automaton has has 26 states, 25 states have (on average 6.56) internal successors, (164), 25 states have internal predecessors, (164), 14 states have call successors, (40), 6 states have call predecessors, (40), 11 states have return successors, (39), 15 states have call predecessors, (39), 13 states have call successors, (39) Word has length 113 [2022-12-14 14:24:32,524 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-12-14 14:24:32,528 INFO L225 Difference]: With dead ends: 11520 [2022-12-14 14:24:32,528 INFO L226 Difference]: Without dead ends: 0 [2022-12-14 14:24:32,565 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 559 GetRequests, 361 SyntacticMatches, 6 SemanticMatches, 192 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 14468 ImplicationChecksByTransitivity, 7.3s TimeCoverageRelationStatistics Valid=3532, Invalid=33910, Unknown=0, NotChecked=0, Total=37442 [2022-12-14 14:24:32,565 INFO L413 NwaCegarLoop]: 181 mSDtfsCounter, 1882 mSDsluCounter, 1399 mSDsCounter, 0 mSdLazyCounter, 4858 mSolverCounterSat, 1999 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.9s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1882 SdHoareTripleChecker+Valid, 1580 SdHoareTripleChecker+Invalid, 6857 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1999 IncrementalHoareTripleChecker+Valid, 4858 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 2.2s IncrementalHoareTripleChecker+Time [2022-12-14 14:24:32,565 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [1882 Valid, 1580 Invalid, 6857 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1999 Valid, 4858 Invalid, 0 Unknown, 0 Unchecked, 2.2s Time] [2022-12-14 14:24:32,566 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-12-14 14:24:32,566 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-12-14 14:24:32,566 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-12-14 14:24:32,566 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-12-14 14:24:32,567 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 113 [2022-12-14 14:24:32,567 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-12-14 14:24:32,567 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-12-14 14:24:32,567 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 26 states, 25 states have (on average 6.56) internal successors, (164), 25 states have internal predecessors, (164), 14 states have call successors, (40), 6 states have call predecessors, (40), 11 states have return successors, (39), 15 states have call predecessors, (39), 13 states have call successors, (39) [2022-12-14 14:24:32,567 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-12-14 14:24:32,567 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-12-14 14:24:32,569 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-12-14 14:24:32,575 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9a11a149-0f16-43e8-a2b0-e2745489b5ee/bin/utaipan-gh47qXpMRh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Ended with exit code 0 [2022-12-14 14:24:32,770 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9,4 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9a11a149-0f16-43e8-a2b0-e2745489b5ee/bin/utaipan-gh47qXpMRh/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-12-14 14:24:32,776 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-12-14 14:24:40,143 WARN L233 SmtUtils]: Spent 6.15s on a formula simplification. DAG size of input: 352 DAG size of output: 329 (called from [L 182] de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.HoareAnnotationComposer.or) [2022-12-14 14:24:52,285 WARN L233 SmtUtils]: Spent 11.92s on a formula simplification. DAG size of input: 647 DAG size of output: 394 (called from [L 182] de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.HoareAnnotationComposer.or) [2022-12-14 14:25:28,703 WARN L233 SmtUtils]: Spent 5.66s on a formula simplification. DAG size of input: 883 DAG size of output: 76 (called from [L 149] de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.HoareAnnotationComposer.combineInter) [2022-12-14 14:25:41,106 WARN L233 SmtUtils]: Spent 5.51s on a formula simplification. DAG size of input: 623 DAG size of output: 78 (called from [L 149] de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.HoareAnnotationComposer.combineInter) [2022-12-14 14:25:56,943 INFO L899 garLoopResultBuilder]: For program point deactivatePumpEXIT(lines 325 332) no Hoare annotation was computed. [2022-12-14 14:25:56,943 INFO L895 garLoopResultBuilder]: At program point $Ultimate##0(lines 325 332) the Hoare annotation is: (let ((.cse5 (not (= ~methaneLevelCritical~0 0))) (.cse6 (not (= |old(~pumpRunning~0)| 1))) (.cse3 (= ~switchedOnBeforeTS~0 0)) (.cse8 (= ~pumpRunning~0 1)) (.cse0 (not (= ~pumpRunning~0 0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse4 (not (= 2 ~waterLevel~0))) (.cse2 (= |old(~pumpRunning~0)| 0)) (.cse7 (= 0 ~systemActive~0))) (and (or .cse0 .cse1 .cse2 (not (<= ~waterLevel~0 1)) .cse3) (or .cse1 .cse4 .cse5 .cse6 .cse7 .cse8) (or .cse1 .cse5 .cse6 (not (<= ~waterLevel~0 2)) .cse3 .cse8) (or .cse0 .cse1 .cse4 .cse2 .cse7))) [2022-12-14 14:25:56,943 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 215 221) no Hoare annotation was computed. [2022-12-14 14:25:56,943 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 215 221) the Hoare annotation is: true [2022-12-14 14:25:56,943 INFO L895 garLoopResultBuilder]: At program point $Ultimate##0(lines 249 273) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2))) (.cse2 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse3 (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|)))) (and (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse1 .cse2 .cse3) (or .cse0 (not (= ~methaneLevelCritical~0 0)) .cse1 .cse2 .cse3))) [2022-12-14 14:25:56,944 INFO L895 garLoopResultBuilder]: At program point L263(line 263) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2))) (.cse2 (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|)))) (and (or .cse0 (not (= ~methaneLevelCritical~0 0)) .cse1 (= ~pumpRunning~0 ~switchedOnBeforeTS~0) .cse2) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse1 .cse2))) [2022-12-14 14:25:56,944 INFO L895 garLoopResultBuilder]: At program point L259(line 259) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2))) (.cse2 (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|)))) (and (or .cse0 (not (= ~methaneLevelCritical~0 0)) .cse1 (= ~pumpRunning~0 ~switchedOnBeforeTS~0) .cse2) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse1 .cse2))) [2022-12-14 14:25:56,944 INFO L899 garLoopResultBuilder]: For program point L257(lines 257 265) no Hoare annotation was computed. [2022-12-14 14:25:56,944 INFO L895 garLoopResultBuilder]: At program point L253(lines 253 270) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2))) (.cse2 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse3 (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|)))) (and (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse1 .cse2 .cse3) (or .cse0 (not (= ~methaneLevelCritical~0 0)) .cse1 .cse2 .cse3))) [2022-12-14 14:25:56,944 INFO L895 garLoopResultBuilder]: At program point L268(line 268) the Hoare annotation is: (let ((.cse1 (= |old(~pumpRunning~0)| 0)) (.cse0 (not (= 1 ~systemActive~0))) (.cse2 (not (<= ~waterLevel~0 2))) (.cse3 (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|)))) (and (or .cse0 .cse1 (not (= ~methaneLevelCritical~0 0)) .cse2 .cse3) (or (not .cse1) .cse0 .cse2 (= ~pumpRunning~0 ~switchedOnBeforeTS~0) .cse3))) [2022-12-14 14:25:56,944 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__methaneQueryEXIT(lines 249 273) no Hoare annotation was computed. [2022-12-14 14:25:56,944 INFO L899 garLoopResultBuilder]: For program point L268-1(lines 249 273) no Hoare annotation was computed. [2022-12-14 14:25:56,945 INFO L899 garLoopResultBuilder]: For program point isPumpRunningEXIT(lines 344 352) no Hoare annotation was computed. [2022-12-14 14:25:56,945 INFO L902 garLoopResultBuilder]: At program point $Ultimate##0(lines 344 352) the Hoare annotation is: true [2022-12-14 14:25:56,945 INFO L895 garLoopResultBuilder]: At program point $Ultimate##0(lines 477 488) the Hoare annotation is: (let ((.cse1 (= ~methaneLevelCritical~0 0)) (.cse7 (= |old(~methaneLevelCritical~0)| 0))) (let ((.cse6 (not (<= ~waterLevel~0 1))) (.cse4 (not (= ~pumpRunning~0 ~switchedOnBeforeTS~0))) (.cse9 (not (= 0 ~systemActive~0))) (.cse0 (not .cse7)) (.cse10 (not (= 2 ~waterLevel~0))) (.cse5 (not (= ~pumpRunning~0 0))) (.cse2 (not (= 1 ~systemActive~0))) (.cse8 (not .cse1)) (.cse3 (not (<= ~waterLevel~0 2)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse0 .cse5 .cse1 .cse2 .cse6) (or .cse5 .cse7 .cse8 .cse3 .cse4 .cse9) (or .cse0 .cse5 .cse1 .cse4 .cse6 .cse9) (or .cse2 .cse10 .cse7 .cse8) (or .cse0 .cse1 .cse2 .cse10 (not (= ~pumpRunning~0 1))) (or .cse0 .cse5 .cse1 .cse10 .cse4 .cse9) (or .cse0 .cse5 .cse1 .cse2 .cse10) (or .cse5 .cse2 .cse7 .cse8 .cse3)))) [2022-12-14 14:25:56,945 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 477 488) no Hoare annotation was computed. [2022-12-14 14:25:56,945 INFO L899 garLoopResultBuilder]: For program point L576(line 576) no Hoare annotation was computed. [2022-12-14 14:25:56,945 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 555 584) no Hoare annotation was computed. [2022-12-14 14:25:56,945 INFO L899 garLoopResultBuilder]: For program point L569(lines 569 573) no Hoare annotation was computed. [2022-12-14 14:25:56,946 INFO L902 garLoopResultBuilder]: At program point L569-1(lines 569 573) the Hoare annotation is: true [2022-12-14 14:25:56,946 INFO L902 garLoopResultBuilder]: At program point L565-2(lines 565 579) the Hoare annotation is: true [2022-12-14 14:25:56,946 INFO L902 garLoopResultBuilder]: At program point L561(line 561) the Hoare annotation is: true [2022-12-14 14:25:56,946 INFO L899 garLoopResultBuilder]: For program point L561-1(line 561) no Hoare annotation was computed. [2022-12-14 14:25:56,946 INFO L902 garLoopResultBuilder]: At program point $Ultimate##0(lines 555 584) the Hoare annotation is: true [2022-12-14 14:25:56,946 INFO L902 garLoopResultBuilder]: At program point L580(lines 555 584) the Hoare annotation is: true [2022-12-14 14:25:56,946 INFO L899 garLoopResultBuilder]: For program point L283(lines 283 291) no Hoare annotation was computed. [2022-12-14 14:25:56,946 INFO L899 garLoopResultBuilder]: For program point L279(lines 279 296) no Hoare annotation was computed. [2022-12-14 14:25:56,946 INFO L899 garLoopResultBuilder]: For program point L85(lines 85 91) no Hoare annotation was computed. [2022-12-14 14:25:56,947 INFO L895 garLoopResultBuilder]: At program point L82(line 82) the Hoare annotation is: (let ((.cse20 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse3 (= |old(~pumpRunning~0)| 0))) (let ((.cse14 (= ~methaneLevelCritical~0 0)) (.cse23 (not (= |old(~pumpRunning~0)| 1))) (.cse9 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse26 (= 1 ~systemActive~0)) (.cse13 (not (<= |old(~waterLevel~0)| 1))) (.cse11 (not .cse3)) (.cse27 (<= |old(~waterLevel~0)| 0)) (.cse24 (not (= ~switchedOnBeforeTS~0 0))) (.cse7 (= |timeShift___utac_acc__Specification5_spec__3_~tmp~0#1| ~waterLevel~0)) (.cse8 (let ((.cse28 (< 0 |old(~waterLevel~0)|))) (or (and (not .cse28) .cse20) (and (= |old(~waterLevel~0)| (+ ~waterLevel~0 1)) .cse28)))) (.cse10 (= |timeShift_processEnvironment_~tmp~4#1| ~methaneLevelCritical~0)) (.cse25 (= ~pumpRunning~0 0))) (let ((.cse6 (not .cse25)) (.cse12 (not (= |old(~waterLevel~0)| 2))) (.cse15 (and .cse24 .cse25 .cse7 .cse8 .cse10)) (.cse18 (and (or .cse13 .cse11) (not .cse27))) (.cse19 (and .cse24 .cse25 .cse7 .cse26 .cse27 .cse20 .cse10)) (.cse22 (not (= 0 ~systemActive~0))) (.cse21 (and .cse25 .cse7 .cse20 .cse9)) (.cse0 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse1 (not (= |old(~waterLevel~0)| 1))) (.cse2 (not .cse26)) (.cse16 (and .cse14 .cse23)) (.cse4 (not .cse14)) (.cse5 (and .cse24 .cse25 .cse7 .cse14 (<= ~waterLevel~0 1) .cse26 .cse8 .cse10)) (.cse17 (= ~pumpRunning~0 1))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5 (and .cse6 .cse7 .cse8 .cse9 .cse10)) (or .cse11 .cse2 .cse12) (or .cse0 .cse13 .cse14 .cse2 .cse3 .cse15) (or .cse2 .cse16 .cse4 .cse12 .cse5 .cse17) (or .cse0 .cse18 .cse2 .cse19 .cse3 (and .cse6 .cse7 .cse20 .cse9 .cse10)) (or .cse11 .cse18 .cse2 .cse21) (or .cse11 .cse12 .cse22) (or .cse2 (and .cse6 .cse7 (= ~waterLevel~0 1) .cse9 .cse10) .cse4 .cse12 .cse5) (or .cse14 .cse2 .cse12 .cse15) (or .cse0 .cse18 .cse2 .cse19 .cse23 .cse17) (or .cse11 (not (<= |old(~waterLevel~0)| 2)) .cse22 .cse21) (or .cse0 .cse1 .cse2 .cse16 .cse4 .cse5 .cse17))))) [2022-12-14 14:25:56,947 INFO L899 garLoopResultBuilder]: For program point L82-1(line 82) no Hoare annotation was computed. [2022-12-14 14:25:56,947 INFO L895 garLoopResultBuilder]: At program point L202-1(lines 202 208) the Hoare annotation is: (let ((.cse3 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse7 (= ~methaneLevelCritical~0 0)) (.cse23 (= 1 ~systemActive~0)) (.cse22 (not (= ~switchedOnBeforeTS~0 0))) (.cse16 (let ((.cse24 (< 0 |old(~waterLevel~0)|))) (or (and (not .cse24) .cse3) (and (= |old(~waterLevel~0)| (+ ~waterLevel~0 1)) .cse24)))) (.cse13 (= |timeShift_processEnvironment_~tmp~4#1| ~methaneLevelCritical~0)) (.cse12 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse8 (= |old(~pumpRunning~0)| 0)) (.cse6 (= ~pumpRunning~0 0))) (let ((.cse11 (not .cse6)) (.cse5 (not (<= |old(~waterLevel~0)| 1))) (.cse0 (not .cse8)) (.cse14 (and .cse6 .cse3 .cse12)) (.cse9 (= ~waterLevel~0 1)) (.cse10 (and .cse22 .cse6 .cse16 .cse13)) (.cse2 (not (= |old(~waterLevel~0)| 2))) (.cse19 (= 0 ~systemActive~0)) (.cse4 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse1 (not .cse23)) (.cse17 (and .cse7 (not (= |old(~pumpRunning~0)| 1)))) (.cse20 (not .cse7)) (.cse18 (not (<= |old(~waterLevel~0)| 2))) (.cse21 (and .cse22 .cse6 .cse7 .cse23 (<= ~waterLevel~0 2) .cse16 .cse13)) (.cse15 (= ~pumpRunning~0 1))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse4 .cse5 .cse6 .cse7 .cse1) (or .cse4 .cse1 .cse8 .cse2 .cse9) (or .cse10 (and .cse11 .cse9 .cse12 .cse13) .cse1 .cse14 .cse2 (and .cse3 .cse15)) (or .cse10 .cse4 .cse5 .cse1 .cse8 (and .cse11 .cse16 .cse12 .cse13)) (or .cse0 .cse1 .cse14 .cse17 .cse18) (or .cse5 .cse0 .cse1 .cse14) (or .cse0 .cse14 .cse18 (not .cse19)) (or (and .cse9 .cse15) .cse1 .cse17 .cse8 .cse20 .cse2 .cse19 .cse21) (or .cse10 .cse7 .cse1 .cse17 .cse8 .cse2 .cse19) (or .cse4 .cse1 .cse17 .cse20 .cse18 .cse21 .cse15))))) [2022-12-14 14:25:56,948 INFO L895 garLoopResultBuilder]: At program point L289(line 289) the Hoare annotation is: (let ((.cse9 (= ~methaneLevelCritical~0 0))) (let ((.cse0 (not (= ~pumpRunning~0 0))) (.cse1 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse2 (= |timeShift_processEnvironment_~tmp~4#1| ~methaneLevelCritical~0)) (.cse4 (not (= |old(~waterLevel~0)| 2))) (.cse7 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse11 (and .cse9 (not (= |old(~pumpRunning~0)| 1)))) (.cse10 (= ~pumpRunning~0 1)) (.cse5 (not (= |old(~pumpRunning~0)| 0))) (.cse3 (not (= 1 ~systemActive~0))) (.cse6 (not (<= |old(~waterLevel~0)| 2)))) (and (or (and .cse0 (= ~waterLevel~0 1) .cse1 .cse2) .cse3 .cse4) (or .cse5 .cse6 (not (= 0 ~systemActive~0))) (or .cse7 .cse3 (and .cse0 (let ((.cse8 (< 0 |old(~waterLevel~0)|))) (or (and (not .cse8) (= |old(~waterLevel~0)| ~waterLevel~0)) (and (= |old(~waterLevel~0)| (+ ~waterLevel~0 1)) .cse8))) .cse1 .cse2) .cse6) (or .cse3 (and .cse9 .cse10) .cse11 .cse4) (or .cse7 (not (<= |old(~waterLevel~0)| 1)) .cse9 .cse3) (or .cse7 .cse3 .cse11 .cse6 .cse10) (or .cse5 .cse3 .cse6)))) [2022-12-14 14:25:56,948 INFO L895 garLoopResultBuilder]: At program point L285(line 285) the Hoare annotation is: (let ((.cse7 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse0 (not (= ~pumpRunning~0 0))) (.cse1 (= |old(~waterLevel~0)| (+ ~waterLevel~0 1))) (.cse2 (< 0 |old(~waterLevel~0)|)) (.cse3 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse4 (= |timeShift_processEnvironment_~tmp~4#1| ~methaneLevelCritical~0)) (.cse9 (not (= 0 ~systemActive~0))) (.cse8 (not (= ~methaneLevelCritical~0 0))) (.cse6 (not (= |old(~waterLevel~0)| 2))) (.cse10 (not (= |old(~pumpRunning~0)| 0))) (.cse5 (not (= 1 ~systemActive~0))) (.cse11 (not (<= |old(~waterLevel~0)| 2)))) (and (or (and .cse0 .cse1 .cse2 .cse3 .cse4) .cse5 .cse6) (or .cse7 .cse5 (not (<= |old(~waterLevel~0)| 0)) (and .cse0 .cse8 (= |old(~waterLevel~0)| ~waterLevel~0) .cse3 .cse9 .cse4)) (or .cse7 (not (= |old(~waterLevel~0)| 1)) .cse5 (and .cse0 .cse1 .cse2 .cse8 .cse3 .cse9 .cse4)) (or .cse10 .cse11 .cse9) (or .cse5 .cse8 .cse6) (or .cse10 .cse5 .cse11))) [2022-12-14 14:25:56,948 INFO L895 garLoopResultBuilder]: At program point L281(line 281) the Hoare annotation is: (let ((.cse2 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse7 (not (= ~pumpRunning~0 0))) (.cse8 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (<= |old(~waterLevel~0)| 2))) (.cse3 (not (= 1 ~systemActive~0))) (.cse4 (not (= ~methaneLevelCritical~0 0))) (.cse5 (not (= |old(~pumpRunning~0)| 1))) (.cse9 (not (= |old(~waterLevel~0)| 2))) (.cse6 (= ~pumpRunning~0 1))) (and (or .cse0 .cse1 (not (= 0 ~systemActive~0))) (or .cse2 (not (<= |old(~waterLevel~0)| 1)) .cse3 .cse4 .cse5 .cse6) (or .cse3 (and .cse7 (= ~waterLevel~0 1) .cse8) .cse9) (or .cse2 (and .cse7 (let ((.cse10 (< 0 |old(~waterLevel~0)|))) (or (and (not .cse10) (= |old(~waterLevel~0)| ~waterLevel~0)) (and (= |old(~waterLevel~0)| (+ ~waterLevel~0 1)) .cse10))) .cse8) .cse3 .cse1) (or .cse0 .cse3 .cse1) (or .cse3 .cse4 .cse5 .cse9 .cse6))) [2022-12-14 14:25:56,948 INFO L899 garLoopResultBuilder]: For program point L281-1(line 281) no Hoare annotation was computed. [2022-12-14 14:25:56,948 INFO L895 garLoopResultBuilder]: At program point $Ultimate##0(lines 188 214) the Hoare annotation is: (let ((.cse3 (= |old(~pumpRunning~0)| 0))) (let ((.cse10 (= ~pumpRunning~0 0)) (.cse18 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse1 (= ~methaneLevelCritical~0 0)) (.cse19 (not (= |old(~pumpRunning~0)| 1))) (.cse6 (not .cse3))) (let ((.cse11 (not (= ~switchedOnBeforeTS~0 0))) (.cse12 (= |old(~switchedOnBeforeTS~0)| 0)) (.cse8 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse14 (and (or (not (<= |old(~waterLevel~0)| 1)) .cse6) (not (<= |old(~waterLevel~0)| 0)))) (.cse13 (and .cse1 .cse19)) (.cse15 (and .cse10 .cse18)) (.cse9 (not (= 0 ~systemActive~0))) (.cse5 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse7 (not (<= |old(~waterLevel~0)| 2))) (.cse0 (not .cse10)) (.cse2 (not (= 1 ~systemActive~0))) (.cse16 (not .cse1)) (.cse4 (not (= |old(~waterLevel~0)| 2))) (.cse17 (= ~pumpRunning~0 1))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse5 .cse6 .cse7 .cse8 .cse9) (or .cse6 .cse10 .cse2 .cse4) (or .cse11 .cse6 .cse2 .cse4 .cse12) (or .cse11 .cse6 .cse13 .cse7 .cse9 .cse12) (or .cse11 .cse6 .cse14 .cse2 .cse12) (or .cse5 .cse2 .cse7 .cse8) (or .cse6 .cse14 .cse15 .cse2) (or .cse5 .cse2 .cse13 .cse16 .cse7 .cse17) (or .cse6 .cse15 .cse7 .cse9) (or .cse5 .cse2 .cse3 .cse7 (and .cse0 .cse18)) (or .cse2 .cse4 .cse18) (or .cse2 .cse16 .cse19 .cse4 .cse17))))) [2022-12-14 14:25:56,949 INFO L895 garLoopResultBuilder]: At program point L294(line 294) the Hoare annotation is: (let ((.cse3 (= |old(~pumpRunning~0)| 0))) (let ((.cse0 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse1 (not (<= |old(~waterLevel~0)| 1))) (.cse4 (not .cse3)) (.cse6 (and (= ~pumpRunning~0 0) (= |old(~waterLevel~0)| ~waterLevel~0) (= ~pumpRunning~0 ~switchedOnBeforeTS~0))) (.cse2 (not (= 1 ~systemActive~0))) (.cse5 (not (= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse4 (not (<= |old(~waterLevel~0)| 2)) (not (= 0 ~systemActive~0))) (or .cse0 .cse2 .cse3 .cse5) (or .cse1 .cse4 .cse2 .cse6) (or .cse2 .cse6 .cse5) (or .cse2 (and (= ~methaneLevelCritical~0 0) (not (= |old(~pumpRunning~0)| 1))) .cse3 .cse5)))) [2022-12-14 14:25:56,949 INFO L895 garLoopResultBuilder]: At program point L294-1(lines 275 299) the Hoare annotation is: (let ((.cse3 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse7 (= ~methaneLevelCritical~0 0)) (.cse23 (= 1 ~systemActive~0)) (.cse22 (not (= ~switchedOnBeforeTS~0 0))) (.cse18 (let ((.cse24 (< 0 |old(~waterLevel~0)|))) (or (and (not .cse24) .cse3) (and (= |old(~waterLevel~0)| (+ ~waterLevel~0 1)) .cse24)))) (.cse13 (= |timeShift_processEnvironment_~tmp~4#1| ~methaneLevelCritical~0)) (.cse12 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse8 (= |old(~pumpRunning~0)| 0)) (.cse6 (= ~pumpRunning~0 0))) (let ((.cse11 (not .cse6)) (.cse5 (not (<= |old(~waterLevel~0)| 1))) (.cse0 (not .cse8)) (.cse14 (and .cse6 .cse3 .cse12)) (.cse9 (= ~waterLevel~0 1)) (.cse10 (and .cse22 .cse6 .cse18 .cse13)) (.cse2 (not (= |old(~waterLevel~0)| 2))) (.cse17 (= 0 ~systemActive~0)) (.cse4 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse1 (not .cse23)) (.cse19 (and .cse7 (not (= |old(~pumpRunning~0)| 1)))) (.cse20 (not .cse7)) (.cse16 (not (<= |old(~waterLevel~0)| 2))) (.cse21 (and .cse22 .cse6 .cse7 .cse23 (<= ~waterLevel~0 2) .cse18 .cse13)) (.cse15 (= ~pumpRunning~0 1))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse4 .cse5 .cse6 .cse7 .cse1) (or .cse4 .cse1 .cse8 .cse2 .cse9) (or .cse10 (and .cse11 .cse9 .cse12 .cse13) .cse1 .cse14 .cse2 (and .cse3 .cse15)) (or .cse0 .cse16 (not .cse17)) (or .cse10 .cse4 .cse5 .cse1 .cse8 (and .cse11 .cse18 .cse12 .cse13)) (or .cse0 .cse1 .cse14 .cse19 .cse16) (or .cse5 .cse0 .cse1 .cse14) (or (and .cse9 .cse15) .cse1 .cse19 .cse8 .cse20 .cse2 .cse17 .cse21) (or .cse10 .cse7 .cse1 .cse19 .cse8 .cse2 .cse17) (or .cse4 .cse1 .cse19 .cse20 .cse16 .cse21 .cse15))))) [2022-12-14 14:25:56,949 INFO L895 garLoopResultBuilder]: At program point L67(line 67) the Hoare annotation is: (let ((.cse3 (= |old(~pumpRunning~0)| 0))) (let ((.cse10 (= ~pumpRunning~0 0)) (.cse18 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse1 (= ~methaneLevelCritical~0 0)) (.cse19 (not (= |old(~pumpRunning~0)| 1))) (.cse6 (not .cse3))) (let ((.cse11 (not (= ~switchedOnBeforeTS~0 0))) (.cse12 (= |old(~switchedOnBeforeTS~0)| 0)) (.cse8 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse14 (and (or (not (<= |old(~waterLevel~0)| 1)) .cse6) (not (<= |old(~waterLevel~0)| 0)))) (.cse13 (and .cse1 .cse19)) (.cse15 (and .cse10 .cse18)) (.cse9 (not (= 0 ~systemActive~0))) (.cse5 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse7 (not (<= |old(~waterLevel~0)| 2))) (.cse0 (not .cse10)) (.cse2 (not (= 1 ~systemActive~0))) (.cse16 (not .cse1)) (.cse4 (not (= |old(~waterLevel~0)| 2))) (.cse17 (= ~pumpRunning~0 1))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse5 .cse6 .cse7 .cse8 .cse9) (or .cse6 .cse10 .cse2 .cse4) (or .cse11 .cse6 .cse2 .cse4 .cse12) (or .cse11 .cse6 .cse13 .cse7 .cse9 .cse12) (or .cse11 .cse6 .cse14 .cse2 .cse12) (or .cse5 .cse2 .cse7 .cse8) (or .cse6 .cse14 .cse15 .cse2) (or .cse5 .cse2 .cse13 .cse16 .cse7 .cse17) (or .cse6 .cse15 .cse7 .cse9) (or .cse5 .cse2 .cse3 .cse7 (and .cse0 .cse18)) (or .cse2 .cse4 .cse18) (or .cse2 .cse16 .cse19 .cse4 .cse17))))) [2022-12-14 14:25:56,949 INFO L895 garLoopResultBuilder]: At program point L67-1(line 67) the Hoare annotation is: (let ((.cse3 (= |old(~pumpRunning~0)| 0))) (let ((.cse1 (= ~methaneLevelCritical~0 0)) (.cse19 (= ~pumpRunning~0 1)) (.cse5 (not .cse3)) (.cse0 (= ~pumpRunning~0 0)) (.cse13 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse14 (= |timeShift___utac_acc__Specification5_spec__2_#t~ret4#1| ~pumpRunning~0))) (let ((.cse6 (and .cse0 .cse13 .cse14)) (.cse9 (not (= |old(~waterLevel~0)| 1))) (.cse10 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse15 (not (< 1 |old(~waterLevel~0)|))) (.cse7 (not (<= |old(~waterLevel~0)| 2))) (.cse12 (not (= 0 ~systemActive~0))) (.cse8 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse11 (and (or (not (<= |old(~waterLevel~0)| 1)) .cse5) (not (<= |old(~waterLevel~0)| 0)))) (.cse18 (and (or .cse13 (= ~waterLevel~0 1)) .cse14 .cse19)) (.cse2 (not (= 1 ~systemActive~0))) (.cse16 (not .cse1)) (.cse17 (not (= |old(~pumpRunning~0)| 1))) (.cse4 (not (= |old(~waterLevel~0)| 2)))) (and (or (not .cse0) .cse1 .cse2 .cse3 .cse4) (or .cse5 .cse6 .cse2 .cse7) (or .cse8 .cse9 .cse2 .cse10) (or .cse5 .cse6 .cse11 .cse12) (or .cse2 (and .cse13 .cse14) .cse4) (or .cse8 (and (not (= |timeShift___utac_acc__Specification5_spec__2_#t~ret4#1| 0)) .cse13 .cse10 .cse14) .cse2 .cse3 .cse7) (or .cse8 .cse2 .cse15 .cse7 .cse10) (or .cse8 .cse9 .cse2 .cse16 .cse17 .cse18) (or .cse8 .cse5 .cse9 .cse10 .cse12) (or .cse5 .cse15 .cse7 (and .cse0 (= 2 ~waterLevel~0) .cse14) .cse12) (or .cse8 .cse11 .cse2 .cse16 .cse17 .cse18) (or .cse2 .cse16 .cse17 .cse4 .cse19))))) [2022-12-14 14:25:56,950 INFO L899 garLoopResultBuilder]: For program point L195-2(lines 191 213) no Hoare annotation was computed. [2022-12-14 14:25:56,950 INFO L899 garLoopResultBuilder]: For program point L84(lines 84 94) no Hoare annotation was computed. [2022-12-14 14:25:56,950 INFO L895 garLoopResultBuilder]: At program point L658(line 658) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (not (= 1 ~systemActive~0))) (.cse1 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 (not (= 0 ~systemActive~0))) (or (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|)) (not (<= |old(~waterLevel~0)| 1)) .cse2) (or .cse2 (not (= |old(~waterLevel~0)| 2))) (or .cse0 .cse2 .cse1))) [2022-12-14 14:25:56,950 INFO L899 garLoopResultBuilder]: For program point L80(lines 80 97) no Hoare annotation was computed. [2022-12-14 14:25:56,950 INFO L895 garLoopResultBuilder]: At program point L80-1(lines 72 100) the Hoare annotation is: (let ((.cse28 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse12 (= ~pumpRunning~0 1)) (.cse29 (= |timeShift___utac_acc__Specification5_spec__3_~tmp~0#1| 2)) (.cse4 (= ~methaneLevelCritical~0 0)) (.cse27 (= 1 ~systemActive~0)) (.cse25 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse13 (= |old(~pumpRunning~0)| 0)) (.cse14 (= ~waterLevel~0 1)) (.cse18 (not (= ~switchedOnBeforeTS~0 0))) (.cse7 (= ~pumpRunning~0 0)) (.cse19 (= |timeShift___utac_acc__Specification5_spec__3_~tmp~0#1| ~waterLevel~0)) (.cse26 (<= ~waterLevel~0 1)) (.cse15 (let ((.cse30 (< 0 |old(~waterLevel~0)|))) (or (and (not .cse30) .cse28) (and (= |old(~waterLevel~0)| (+ ~waterLevel~0 1)) .cse30)))) (.cse20 (= |timeShift_processEnvironment_~tmp~4#1| ~methaneLevelCritical~0))) (let ((.cse0 (not (<= |old(~waterLevel~0)| 1))) (.cse10 (and .cse18 .cse7 .cse19 .cse26 .cse15 .cse20)) (.cse8 (or .cse28 .cse14)) (.cse11 (not (= |old(~pumpRunning~0)| 1))) (.cse2 (not (= 0 ~systemActive~0))) (.cse1 (not .cse13)) (.cse3 (and .cse7 .cse19 .cse28 .cse25)) (.cse9 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse17 (not (<= |old(~waterLevel~0)| 2))) (.cse5 (not .cse27)) (.cse24 (not .cse7)) (.cse22 (not .cse4)) (.cse21 (and (= 2 ~waterLevel~0) .cse27 .cse28 .cse12 .cse29)) (.cse16 (and .cse7 .cse28 .cse25 .cse29)) (.cse6 (not (= |old(~waterLevel~0)| 2))) (.cse23 (and .cse18 .cse7 .cse19 .cse4 .cse26 .cse27 .cse15 .cse20))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse4 .cse5 .cse6 (and .cse7 .cse8)) (or .cse9 .cse0 .cse5 .cse10 .cse11 .cse12) (or .cse9 .cse0 .cse4 .cse5 .cse10 .cse13) (or (and .cse14 .cse12) (and .cse7 .cse15 .cse8) .cse5 .cse11 .cse6) (or .cse1 (not (< 1 |old(~waterLevel~0)|)) .cse16 .cse17 .cse2) (or .cse4 .cse5 (and .cse18 .cse19 .cse15 .cse20) .cse13 .cse6) (or .cse1 .cse5 .cse21 .cse17 .cse3) (or .cse9 .cse5 .cse13 .cse22 .cse17 .cse23 (and .cse24 .cse19 .cse15 .cse25 .cse20)) (or .cse5 (and .cse24 .cse19 .cse14 .cse25 .cse20) .cse22 .cse21 .cse16 .cse6 .cse23))))) [2022-12-14 14:25:56,950 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 188 214) no Hoare annotation was computed. [2022-12-14 14:25:56,951 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 658) no Hoare annotation was computed. [2022-12-14 14:25:56,951 INFO L895 garLoopResultBuilder]: At program point L168(lines 117 169) the Hoare annotation is: false [2022-12-14 14:25:56,951 INFO L899 garLoopResultBuilder]: For program point L156(lines 156 162) no Hoare annotation was computed. [2022-12-14 14:25:56,951 INFO L895 garLoopResultBuilder]: At program point L156-2(lines 148 163) the Hoare annotation is: (let ((.cse3 (= ~pumpRunning~0 0)) (.cse0 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_main_~tmp~8#1| 1)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse4 (<= ~waterLevel~0 2))) (or (and (= 2 ~waterLevel~0) .cse0 .cse1 .cse2) (and .cse3 .cse0 .cse1 .cse2 .cse4) (and .cse3 .cse1 .cse2 .cse4 (= 0 ~systemActive~0)) (and .cse0 .cse1 .cse2 .cse4 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)))) [2022-12-14 14:25:56,951 INFO L899 garLoopResultBuilder]: For program point L119(lines 118 167) no Hoare annotation was computed. [2022-12-14 14:25:56,951 INFO L895 garLoopResultBuilder]: At program point L148(lines 148 163) the Hoare annotation is: (let ((.cse0 (= 1 ~systemActive~0)) (.cse3 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_main_~tmp~8#1| 1)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse4 (<= ~waterLevel~0 2)) (.cse5 (= ~pumpRunning~0 ~switchedOnBeforeTS~0))) (or (and (= 2 ~waterLevel~0) .cse0 .cse1 .cse2) (and .cse3 .cse0 .cse1 .cse2 .cse4) (and .cse0 .cse1 .cse2 .cse4 .cse5) (and .cse3 .cse1 .cse2 .cse4 (= 0 ~systemActive~0) .cse5))) [2022-12-14 14:25:56,951 INFO L895 garLoopResultBuilder]: At program point L433(line 433) the Hoare annotation is: (let ((.cse0 (not (= ~pumpRunning~0 0))) (.cse1 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_main_~tmp~8#1| 1)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and (not (= ~switchedOnBeforeTS~0 0)) .cse0 .cse1 .cse2 .cse3 (<= ~waterLevel~0 2)) (and .cse0 (= 2 ~waterLevel~0) .cse1 .cse2 .cse3))) [2022-12-14 14:25:56,951 INFO L895 garLoopResultBuilder]: At program point L140(line 140) the Hoare annotation is: (let ((.cse5 (= ~methaneLevelCritical~0 0)) (.cse1 (= 1 ~systemActive~0)) (.cse0 (= ~pumpRunning~0 0)) (.cse2 (= |ULTIMATE.start_main_~tmp~8#1| 1)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse4 (<= ~waterLevel~0 2)) (.cse6 (= ~pumpRunning~0 ~switchedOnBeforeTS~0))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4) (and .cse5 .cse1 .cse2 .cse3 .cse4 .cse6) (and (= 2 ~waterLevel~0) (or (not .cse5) (= ~pumpRunning~0 1)) .cse1 .cse2 .cse3) (and .cse0 .cse2 .cse3 .cse4 (= 0 ~systemActive~0) .cse6))) [2022-12-14 14:25:56,952 INFO L895 garLoopResultBuilder]: At program point L165(lines 118 167) the Hoare annotation is: (let ((.cse0 (= ~methaneLevelCritical~0 0)) (.cse4 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse5 (= 2 ~waterLevel~0)) (.cse6 (= ~pumpRunning~0 0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_main_~tmp~8#1| 1)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3 (= ~waterLevel~0 1) .cse4) (and .cse5 .cse1 (not .cse0) .cse2 .cse3) (and .cse0 .cse1 .cse2 .cse3 (<= ~waterLevel~0 0) .cse4) (and .cse6 .cse5 .cse1 .cse2 .cse3) (and .cse6 .cse2 .cse3 (<= ~waterLevel~0 2) (= 0 ~systemActive~0) .cse4) (and .cse5 .cse1 .cse2 .cse3 (= ~pumpRunning~0 1)) (and .cse6 (<= ~waterLevel~0 1) .cse1 .cse2 .cse3))) [2022-12-14 14:25:56,952 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-12-14 14:25:56,952 INFO L895 garLoopResultBuilder]: At program point L640(lines 640 647) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~methaneLevelCritical~0 0) (= 1 ~systemActive~0) (= |ULTIMATE.start_main_~tmp~8#1| 1) (= ~waterLevel~0 1) (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) [2022-12-14 14:25:56,952 INFO L899 garLoopResultBuilder]: For program point L128(lines 128 134) no Hoare annotation was computed. [2022-12-14 14:25:56,952 INFO L899 garLoopResultBuilder]: For program point L128-1(lines 128 134) no Hoare annotation was computed. [2022-12-14 14:25:56,952 INFO L902 garLoopResultBuilder]: At program point L640-2(lines 640 647) the Hoare annotation is: true [2022-12-14 14:25:56,952 INFO L902 garLoopResultBuilder]: At program point $Ultimate##0(line -1) the Hoare annotation is: true [2022-12-14 14:25:56,952 INFO L899 garLoopResultBuilder]: For program point L431(lines 431 437) no Hoare annotation was computed. [2022-12-14 14:25:56,952 INFO L895 garLoopResultBuilder]: At program point L431-1(lines 431 437) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_main_~tmp~8#1| 1)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 (<= ~waterLevel~0 2) (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (and .cse0 (= 2 ~waterLevel~0) .cse1 .cse2) (and .cse0 (<= ~waterLevel~0 1) (= 1 ~systemActive~0) .cse1 .cse2))) [2022-12-14 14:25:56,952 INFO L902 garLoopResultBuilder]: At program point L171(lines 108 175) the Hoare annotation is: true [2022-12-14 14:25:56,952 INFO L899 garLoopResultBuilder]: For program point L138(lines 138 144) no Hoare annotation was computed. [2022-12-14 14:25:56,952 INFO L899 garLoopResultBuilder]: For program point L138-1(lines 138 144) no Hoare annotation was computed. [2022-12-14 14:25:56,953 INFO L895 garLoopResultBuilder]: At program point L130(line 130) the Hoare annotation is: (let ((.cse10 (= 0 ~systemActive~0))) (let ((.cse0 (= 2 ~waterLevel~0)) (.cse2 (= ~methaneLevelCritical~0 0)) (.cse5 (not .cse10)) (.cse9 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse7 (= ~pumpRunning~0 0)) (.cse8 (<= ~waterLevel~0 1)) (.cse1 (= 1 ~systemActive~0)) (.cse3 (= |ULTIMATE.start_main_~tmp~8#1| 1)) (.cse4 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 (not .cse2) .cse3 .cse4 .cse5) (and .cse1 (let ((.cse6 (= ~pumpRunning~0 1))) (or (and .cse0 .cse3 .cse4 .cse5 .cse6) (and .cse2 .cse3 .cse4 (= ~waterLevel~0 1) .cse5 .cse6)))) (and .cse7 .cse0 .cse1 .cse3 .cse4) (and .cse2 .cse8 .cse1 .cse3 .cse4 .cse9 .cse5) (and .cse7 .cse3 .cse4 (<= ~waterLevel~0 2) .cse10 .cse9) (and .cse7 .cse8 .cse1 .cse3 .cse4)))) [2022-12-14 14:25:56,953 INFO L895 garLoopResultBuilder]: At program point L242(line 242) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2))) (.cse2 (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|)))) (and (or .cse0 (not (= ~methaneLevelCritical~0 0)) .cse1 (= ~pumpRunning~0 ~switchedOnBeforeTS~0) .cse2) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse1 .cse2))) [2022-12-14 14:25:56,953 INFO L899 garLoopResultBuilder]: For program point L242-1(lines 223 247) no Hoare annotation was computed. [2022-12-14 14:25:56,953 INFO L895 garLoopResultBuilder]: At program point $Ultimate##0(lines 223 247) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2))) (.cse2 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse3 (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|)))) (and (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse1 .cse2 .cse3) (or .cse0 (not (= ~methaneLevelCritical~0 0)) .cse1 .cse2 .cse3))) [2022-12-14 14:25:56,953 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__highWaterSensorEXIT(lines 223 247) no Hoare annotation was computed. [2022-12-14 14:25:56,953 INFO L895 garLoopResultBuilder]: At program point L313(line 313) the Hoare annotation is: (let ((.cse1 (= |old(~pumpRunning~0)| 0)) (.cse0 (not (= 1 ~systemActive~0))) (.cse2 (not (<= ~waterLevel~0 2))) (.cse3 (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|)))) (and (or .cse0 .cse1 (not (= ~methaneLevelCritical~0 0)) .cse2 .cse3) (or (not .cse1) .cse0 (and (= 2 ~waterLevel~0) (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) .cse2 .cse3))) [2022-12-14 14:25:56,953 INFO L895 garLoopResultBuilder]: At program point L313-1(line 313) the Hoare annotation is: (let ((.cse3 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse0 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse2 (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|)))) (and (or (and (= ~pumpRunning~0 0) .cse0) .cse1 (not (= ~methaneLevelCritical~0 0)) (not (<= ~waterLevel~0 2)) .cse2) (or .cse3 .cse1 (not (<= ~waterLevel~0 1)) .cse2) (or .cse3 .cse1 (not (= 2 ~waterLevel~0)) (and (= ~methaneLevelCritical~0 |processEnvironment__wrappee__highWaterSensor_activatePump_#t~ret14#1|) .cse0) .cse2))) [2022-12-14 14:25:56,954 INFO L895 garLoopResultBuilder]: At program point L237(line 237) the Hoare annotation is: (let ((.cse3 (= |old(~pumpRunning~0)| 0))) (let ((.cse0 (not .cse3)) (.cse1 (not (= 1 ~systemActive~0))) (.cse4 (not (<= ~waterLevel~0 2))) (.cse2 (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|)))) (and (or .cse0 (= |processEnvironment__wrappee__highWaterSensor_~tmp~2#1| 0) .cse1 (not (<= ~waterLevel~0 1)) .cse2) (or .cse1 .cse3 (not (= ~methaneLevelCritical~0 0)) .cse4 .cse2) (or .cse0 .cse1 .cse4 (= ~pumpRunning~0 ~switchedOnBeforeTS~0) .cse2)))) [2022-12-14 14:25:56,954 INFO L899 garLoopResultBuilder]: For program point L231(lines 231 239) no Hoare annotation was computed. [2022-12-14 14:25:56,954 INFO L895 garLoopResultBuilder]: At program point L227(lines 227 244) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2))) (.cse2 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse3 (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|)))) (and (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse1 .cse2 .cse3) (or .cse0 (not (= ~methaneLevelCritical~0 0)) .cse1 .cse2 .cse3))) [2022-12-14 14:25:56,954 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 465 476) no Hoare annotation was computed. [2022-12-14 14:25:56,954 INFO L895 garLoopResultBuilder]: At program point $Ultimate##0(lines 465 476) the Hoare annotation is: (let ((.cse9 (not (<= |old(~waterLevel~0)| 1))) (.cse6 (not (= ~pumpRunning~0 0))) (.cse0 (= ~methaneLevelCritical~0 0))) (let ((.cse5 (not (= ~pumpRunning~0 1))) (.cse4 (not .cse0)) (.cse2 (not (= |old(~waterLevel~0)| 2))) (.cse1 (not (= 1 ~systemActive~0))) (.cse10 (and (or .cse9 .cse6) (not (<= |old(~waterLevel~0)| 0)))) (.cse7 (not (= ~pumpRunning~0 ~switchedOnBeforeTS~0))) (.cse3 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse8 (not (= 0 ~systemActive~0)))) (and (or .cse0 .cse1 .cse2 .cse3) (or (not (= |old(~waterLevel~0)| 1)) .cse1 .cse4 .cse5 (= ~waterLevel~0 1)) (or .cse6 (= 2 ~waterLevel~0) .cse7 .cse2 .cse8) (or .cse1 .cse5 .cse2 .cse3) (or .cse9 .cse1 .cse4 .cse7 .cse3) (or .cse6 .cse1 .cse2 .cse3) (or .cse6 .cse1 .cse10 .cse3) (or .cse6 .cse10 .cse7 .cse3 .cse8)))) [2022-12-14 14:25:56,954 INFO L899 garLoopResultBuilder]: For program point isMethaneAlarmEXIT(lines 333 343) no Hoare annotation was computed. [2022-12-14 14:25:56,954 INFO L902 garLoopResultBuilder]: At program point $Ultimate##0(lines 333 343) the Hoare annotation is: true [2022-12-14 14:25:56,957 INFO L445 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-12-14 14:25:56,958 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2022-12-14 14:25:56,985 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 14.12 02:25:56 BoogieIcfgContainer [2022-12-14 14:25:56,985 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-12-14 14:25:56,985 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-12-14 14:25:56,985 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-12-14 14:25:56,985 INFO L275 PluginConnector]: Witness Printer initialized [2022-12-14 14:25:56,986 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 14.12 02:23:55" (3/4) ... [2022-12-14 14:25:56,988 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-12-14 14:25:56,993 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2022-12-14 14:25:56,993 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-12-14 14:25:56,993 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-12-14 14:25:56,993 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-12-14 14:25:56,993 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-12-14 14:25:56,993 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2022-12-14 14:25:56,993 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-12-14 14:25:56,993 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__methaneQuery [2022-12-14 14:25:56,994 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2022-12-14 14:25:56,994 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneAlarm [2022-12-14 14:25:57,001 INFO L961 BoogieBacktranslator]: Reduced CFG by removing 54 nodes and edges [2022-12-14 14:25:57,001 INFO L961 BoogieBacktranslator]: Reduced CFG by removing 14 nodes and edges [2022-12-14 14:25:57,001 INFO L961 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-12-14 14:25:57,001 INFO L961 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-12-14 14:25:57,002 INFO L961 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-12-14 14:25:57,021 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((((((!(pumpRunning == 0) || methaneLevelCritical == 0) || !(1 == systemActive)) || \old(pumpRunning) == 0) || !(\old(waterLevel) == 2)) && (((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && aux-isPumpRunning()-aux == pumpRunning)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2))) && (((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || pumpRunning == switchedOnBeforeTS)) && (((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && aux-isPumpRunning()-aux == pumpRunning)) || ((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) && !(\old(waterLevel) <= 0))) || !(0 == systemActive))) && ((!(1 == systemActive) || (\old(waterLevel) == waterLevel && aux-isPumpRunning()-aux == pumpRunning)) || !(\old(waterLevel) == 2))) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || (((!(aux-isPumpRunning()-aux == 0) && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS) && aux-isPumpRunning()-aux == pumpRunning)) || !(1 == systemActive)) || \old(pumpRunning) == 0) || !(\old(waterLevel) <= 2))) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2)) || pumpRunning == switchedOnBeforeTS)) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || (((\old(waterLevel) == waterLevel || waterLevel == 1) && aux-isPumpRunning()-aux == pumpRunning) && pumpRunning == 1))) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) || pumpRunning == switchedOnBeforeTS) || !(0 == systemActive))) && ((((!(\old(pumpRunning) == 0) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2)) || ((pumpRunning == 0 && 2 == waterLevel) && aux-isPumpRunning()-aux == pumpRunning)) || !(0 == systemActive))) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || ((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) && !(\old(waterLevel) <= 0))) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || (((\old(waterLevel) == waterLevel || waterLevel == 1) && aux-isPumpRunning()-aux == pumpRunning) && pumpRunning == 1))) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2)) || pumpRunning == 1) [2022-12-14 14:25:57,022 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) == 2)) || \old(waterLevel) == waterLevel) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || pumpRunning == 0) || methaneLevelCritical == 0) || !(1 == systemActive))) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || \old(pumpRunning) == 0) || !(\old(waterLevel) == 2)) || waterLevel == 1)) && ((((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == methaneLevelCritical) || (((!(pumpRunning == 0) && waterLevel == 1) && pumpRunning == switchedOnBeforeTS) && tmp == methaneLevelCritical)) || !(1 == systemActive)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(\old(waterLevel) == 2)) || (\old(waterLevel) == waterLevel && pumpRunning == 1))) && ((((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == methaneLevelCritical) || !(\old(switchedOnBeforeTS) == \old(pumpRunning))) || !(\old(waterLevel) <= 1)) || !(1 == systemActive)) || \old(pumpRunning) == 0) || (((!(pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && pumpRunning == switchedOnBeforeTS) && tmp == methaneLevelCritical))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || (methaneLevelCritical == 0 && !(\old(pumpRunning) == 1))) || !(\old(waterLevel) <= 2))) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS))) && (((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(0 == systemActive))) && ((((((((waterLevel == 1 && pumpRunning == 1) || !(1 == systemActive)) || (methaneLevelCritical == 0 && !(\old(pumpRunning) == 1))) || \old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 2)) || 0 == systemActive) || ((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && methaneLevelCritical == 0) && 1 == systemActive) && waterLevel <= 2) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == methaneLevelCritical))) && (((((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == methaneLevelCritical) || methaneLevelCritical == 0) || !(1 == systemActive)) || (methaneLevelCritical == 0 && !(\old(pumpRunning) == 1))) || \old(pumpRunning) == 0) || !(\old(waterLevel) == 2)) || 0 == systemActive)) && ((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || (methaneLevelCritical == 0 && !(\old(pumpRunning) == 1))) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2)) || ((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && methaneLevelCritical == 0) && 1 == systemActive) && waterLevel <= 2) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == methaneLevelCritical)) || pumpRunning == 1) [2022-12-14 14:25:57,023 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(0 == systemActive)) || (((pumpRunning == 0 && tmp == waterLevel) && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) && (((methaneLevelCritical == 0 || !(1 == systemActive)) || !(\old(waterLevel) == 2)) || (pumpRunning == 0 && (\old(waterLevel) == waterLevel || waterLevel == 1)))) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || !(1 == systemActive)) || (((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && tmp == waterLevel) && waterLevel <= 1) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == methaneLevelCritical)) || !(\old(pumpRunning) == 1)) || pumpRunning == 1)) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || methaneLevelCritical == 0) || !(1 == systemActive)) || (((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && tmp == waterLevel) && waterLevel <= 1) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == methaneLevelCritical)) || \old(pumpRunning) == 0)) && (((((waterLevel == 1 && pumpRunning == 1) || ((pumpRunning == 0 && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && (\old(waterLevel) == waterLevel || waterLevel == 1))) || !(1 == systemActive)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2))) && ((((!(\old(pumpRunning) == 0) || !(1 < \old(waterLevel))) || (((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS) && tmp == 2)) || !(\old(waterLevel) <= 2)) || !(0 == systemActive))) && ((((methaneLevelCritical == 0 || !(1 == systemActive)) || (((!(switchedOnBeforeTS == 0) && tmp == waterLevel) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == methaneLevelCritical)) || \old(pumpRunning) == 0) || !(\old(waterLevel) == 2))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((((2 == waterLevel && 1 == systemActive) && \old(waterLevel) == waterLevel) && pumpRunning == 1) && tmp == 2)) || !(\old(waterLevel) <= 2)) || (((pumpRunning == 0 && tmp == waterLevel) && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS))) && ((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || \old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2)) || (((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && tmp == waterLevel) && methaneLevelCritical == 0) && waterLevel <= 1) && 1 == systemActive) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == methaneLevelCritical)) || ((((!(pumpRunning == 0) && tmp == waterLevel) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && pumpRunning == switchedOnBeforeTS) && tmp == methaneLevelCritical))) && ((((((!(1 == systemActive) || ((((!(pumpRunning == 0) && tmp == waterLevel) && waterLevel == 1) && pumpRunning == switchedOnBeforeTS) && tmp == methaneLevelCritical)) || !(methaneLevelCritical == 0)) || ((((2 == waterLevel && 1 == systemActive) && \old(waterLevel) == waterLevel) && pumpRunning == 1) && tmp == 2)) || (((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS) && tmp == 2)) || !(\old(waterLevel) == 2)) || (((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && tmp == waterLevel) && methaneLevelCritical == 0) && waterLevel <= 1) && 1 == systemActive) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == methaneLevelCritical)) [2022-12-14 14:25:57,023 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) && ((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || !(1 == systemActive))) && (!(1 == systemActive) || !(\old(waterLevel) == 2))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) [2022-12-14 14:25:57,023 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) == 2)) || \old(waterLevel) == waterLevel) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || pumpRunning == 0) || methaneLevelCritical == 0) || !(1 == systemActive))) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || \old(pumpRunning) == 0) || !(\old(waterLevel) == 2)) || waterLevel == 1)) && ((((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == methaneLevelCritical) || (((!(pumpRunning == 0) && waterLevel == 1) && pumpRunning == switchedOnBeforeTS) && tmp == methaneLevelCritical)) || !(1 == systemActive)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(\old(waterLevel) == 2)) || (\old(waterLevel) == waterLevel && pumpRunning == 1))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive))) && ((((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == methaneLevelCritical) || !(\old(switchedOnBeforeTS) == \old(pumpRunning))) || !(\old(waterLevel) <= 1)) || !(1 == systemActive)) || \old(pumpRunning) == 0) || (((!(pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && pumpRunning == switchedOnBeforeTS) && tmp == methaneLevelCritical))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || (methaneLevelCritical == 0 && !(\old(pumpRunning) == 1))) || !(\old(waterLevel) <= 2))) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS))) && ((((((((waterLevel == 1 && pumpRunning == 1) || !(1 == systemActive)) || (methaneLevelCritical == 0 && !(\old(pumpRunning) == 1))) || \old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 2)) || 0 == systemActive) || ((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && methaneLevelCritical == 0) && 1 == systemActive) && waterLevel <= 2) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == methaneLevelCritical))) && (((((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == methaneLevelCritical) || methaneLevelCritical == 0) || !(1 == systemActive)) || (methaneLevelCritical == 0 && !(\old(pumpRunning) == 1))) || \old(pumpRunning) == 0) || !(\old(waterLevel) == 2)) || 0 == systemActive)) && ((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || (methaneLevelCritical == 0 && !(\old(pumpRunning) == 1))) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2)) || ((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && methaneLevelCritical == 0) && 1 == systemActive) && waterLevel <= 2) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == methaneLevelCritical)) || pumpRunning == 1) [2022-12-14 14:25:57,023 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 2)) || pumpRunning == switchedOnBeforeTS) || !(switchedOnBeforeTS == \old(pumpRunning))) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(waterLevel <= 2)) || pumpRunning == switchedOnBeforeTS) || !(switchedOnBeforeTS == \old(pumpRunning))) [2022-12-14 14:25:57,024 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 2)) || pumpRunning == switchedOnBeforeTS) || !(switchedOnBeforeTS == \old(pumpRunning))) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(waterLevel <= 2)) || pumpRunning == switchedOnBeforeTS) || !(switchedOnBeforeTS == \old(pumpRunning))) [2022-12-14 14:25:57,025 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((pumpRunning == 0 && pumpRunning == switchedOnBeforeTS) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(waterLevel <= 2)) || !(switchedOnBeforeTS == \old(pumpRunning))) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 1)) || !(switchedOnBeforeTS == \old(pumpRunning)))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(2 == waterLevel)) || (methaneLevelCritical == aux-isMethaneAlarm()-aux && pumpRunning == switchedOnBeforeTS)) || !(switchedOnBeforeTS == \old(pumpRunning))) [2022-12-14 14:25:57,043 INFO L141 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9a11a149-0f16-43e8-a2b0-e2745489b5ee/bin/utaipan-gh47qXpMRh/witness.graphml [2022-12-14 14:25:57,043 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-12-14 14:25:57,043 INFO L158 Benchmark]: Toolchain (without parser) took 122125.06ms. Allocated memory was 142.6MB in the beginning and 752.9MB in the end (delta: 610.3MB). Free memory was 107.4MB in the beginning and 396.6MB in the end (delta: -289.2MB). Peak memory consumption was 324.2MB. Max. memory is 16.1GB. [2022-12-14 14:25:57,043 INFO L158 Benchmark]: CDTParser took 0.15ms. Allocated memory is still 117.4MB. Free memory was 91.8MB in the beginning and 91.8MB in the end (delta: 24.2kB). There was no memory consumed. Max. memory is 16.1GB. [2022-12-14 14:25:57,044 INFO L158 Benchmark]: CACSL2BoogieTranslator took 307.33ms. Allocated memory is still 142.6MB. Free memory was 106.9MB in the beginning and 88.0MB in the end (delta: 18.9MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. [2022-12-14 14:25:57,044 INFO L158 Benchmark]: Boogie Procedure Inliner took 48.16ms. Allocated memory is still 142.6MB. Free memory was 88.0MB in the beginning and 85.4MB in the end (delta: 2.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-12-14 14:25:57,044 INFO L158 Benchmark]: Boogie Preprocessor took 26.68ms. Allocated memory is still 142.6MB. Free memory was 85.4MB in the beginning and 83.8MB in the end (delta: 1.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-12-14 14:25:57,044 INFO L158 Benchmark]: RCFGBuilder took 430.38ms. Allocated memory is still 142.6MB. Free memory was 83.8MB in the beginning and 106.9MB in the end (delta: -23.1MB). Peak memory consumption was 27.0MB. Max. memory is 16.1GB. [2022-12-14 14:25:57,044 INFO L158 Benchmark]: TraceAbstraction took 121249.66ms. Allocated memory was 142.6MB in the beginning and 752.9MB in the end (delta: 610.3MB). Free memory was 106.9MB in the beginning and 402.9MB in the end (delta: -296.0MB). Peak memory consumption was 503.0MB. Max. memory is 16.1GB. [2022-12-14 14:25:57,044 INFO L158 Benchmark]: Witness Printer took 57.91ms. Allocated memory is still 752.9MB. Free memory was 402.9MB in the beginning and 396.6MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2022-12-14 14:25:57,045 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.15ms. Allocated memory is still 117.4MB. Free memory was 91.8MB in the beginning and 91.8MB in the end (delta: 24.2kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 307.33ms. Allocated memory is still 142.6MB. Free memory was 106.9MB in the beginning and 88.0MB in the end (delta: 18.9MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 48.16ms. Allocated memory is still 142.6MB. Free memory was 88.0MB in the beginning and 85.4MB in the end (delta: 2.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 26.68ms. Allocated memory is still 142.6MB. Free memory was 85.4MB in the beginning and 83.8MB in the end (delta: 1.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 430.38ms. Allocated memory is still 142.6MB. Free memory was 83.8MB in the beginning and 106.9MB in the end (delta: -23.1MB). Peak memory consumption was 27.0MB. Max. memory is 16.1GB. * TraceAbstraction took 121249.66ms. Allocated memory was 142.6MB in the beginning and 752.9MB in the end (delta: 610.3MB). Free memory was 106.9MB in the beginning and 402.9MB in the end (delta: -296.0MB). Peak memory consumption was 503.0MB. Max. memory is 16.1GB. * Witness Printer took 57.91ms. Allocated memory is still 752.9MB. Free memory was 402.9MB in the beginning and 396.6MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 658]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 11 procedures, 80 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 121.2s, OverallIterations: 10, TraceHistogramMax: 5, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 12.6s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 84.2s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 4368 SdHoareTripleChecker+Valid, 5.2s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 4333 mSDsluCounter, 7019 SdHoareTripleChecker+Invalid, 4.4s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 5539 mSDsCounter, 3842 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 10926 IncrementalHoareTripleChecker+Invalid, 14768 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 3842 mSolverCounterUnsat, 1480 mSDtfsCounter, 10926 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 1320 GetRequests, 829 SyntacticMatches, 23 SemanticMatches, 468 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 26652 ImplicationChecksByTransitivity, 18.6s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=3094occurred in iteration=9, InterpolantAutomatonStates: 346, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.6s AutomataMinimizationTime, 10 MinimizatonAttempts, 2004 StatesRemovedByMinimization, 7 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 46 LocationsWithAnnotation, 10985 PreInvPairs, 14251 NumberOfFragments, 5012 HoareAnnotationTreeSize, 10985 FomulaSimplifications, 277958 FormulaSimplificationTreeSizeReduction, 30.3s HoareSimplificationTime, 46 FomulaSimplificationsInter, 634797 FormulaSimplificationTreeSizeReductionInter, 53.2s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 2.4s InterpolantComputationTime, 785 NumberOfCodeBlocks, 785 NumberOfCodeBlocksAsserted, 13 NumberOfCheckSat, 1046 ConstructedInterpolants, 0 QuantifiedInterpolants, 2658 SizeOfPredicates, 29 NumberOfNonLiveVariables, 1199 ConjunctsInSsa, 69 ConjunctsInUnsatCore, 16 InterpolantComputations, 7 PerfectInterpolantSequences, 411/497 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 202]: Loop Invariant Derived loop invariant: ((((((((((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) == 2)) || \old(waterLevel) == waterLevel) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || pumpRunning == 0) || methaneLevelCritical == 0) || !(1 == systemActive))) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || \old(pumpRunning) == 0) || !(\old(waterLevel) == 2)) || waterLevel == 1)) && ((((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == methaneLevelCritical) || (((!(pumpRunning == 0) && waterLevel == 1) && pumpRunning == switchedOnBeforeTS) && tmp == methaneLevelCritical)) || !(1 == systemActive)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(\old(waterLevel) == 2)) || (\old(waterLevel) == waterLevel && pumpRunning == 1))) && ((((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == methaneLevelCritical) || !(\old(switchedOnBeforeTS) == \old(pumpRunning))) || !(\old(waterLevel) <= 1)) || !(1 == systemActive)) || \old(pumpRunning) == 0) || (((!(pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && pumpRunning == switchedOnBeforeTS) && tmp == methaneLevelCritical))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || (methaneLevelCritical == 0 && !(\old(pumpRunning) == 1))) || !(\old(waterLevel) <= 2))) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS))) && (((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(0 == systemActive))) && ((((((((waterLevel == 1 && pumpRunning == 1) || !(1 == systemActive)) || (methaneLevelCritical == 0 && !(\old(pumpRunning) == 1))) || \old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 2)) || 0 == systemActive) || ((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && methaneLevelCritical == 0) && 1 == systemActive) && waterLevel <= 2) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == methaneLevelCritical))) && (((((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == methaneLevelCritical) || methaneLevelCritical == 0) || !(1 == systemActive)) || (methaneLevelCritical == 0 && !(\old(pumpRunning) == 1))) || \old(pumpRunning) == 0) || !(\old(waterLevel) == 2)) || 0 == systemActive)) && ((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || (methaneLevelCritical == 0 && !(\old(pumpRunning) == 1))) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2)) || ((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && methaneLevelCritical == 0) && 1 == systemActive) && waterLevel <= 2) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == methaneLevelCritical)) || pumpRunning == 1) - InvariantResult [Line: 555]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 565]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 431]: Loop Invariant Derived loop invariant: (((((pumpRunning == 0 && tmp == 1) && splverifierCounter == 0) && waterLevel <= 2) && pumpRunning == switchedOnBeforeTS) || (((pumpRunning == 0 && 2 == waterLevel) && tmp == 1) && splverifierCounter == 0)) || ((((pumpRunning == 0 && waterLevel <= 1) && 1 == systemActive) && tmp == 1) && splverifierCounter == 0) - InvariantResult [Line: 333]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 275]: Loop Invariant Derived loop invariant: ((((((((((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) == 2)) || \old(waterLevel) == waterLevel) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || pumpRunning == 0) || methaneLevelCritical == 0) || !(1 == systemActive))) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || \old(pumpRunning) == 0) || !(\old(waterLevel) == 2)) || waterLevel == 1)) && ((((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == methaneLevelCritical) || (((!(pumpRunning == 0) && waterLevel == 1) && pumpRunning == switchedOnBeforeTS) && tmp == methaneLevelCritical)) || !(1 == systemActive)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(\old(waterLevel) == 2)) || (\old(waterLevel) == waterLevel && pumpRunning == 1))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive))) && ((((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == methaneLevelCritical) || !(\old(switchedOnBeforeTS) == \old(pumpRunning))) || !(\old(waterLevel) <= 1)) || !(1 == systemActive)) || \old(pumpRunning) == 0) || (((!(pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && pumpRunning == switchedOnBeforeTS) && tmp == methaneLevelCritical))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || (methaneLevelCritical == 0 && !(\old(pumpRunning) == 1))) || !(\old(waterLevel) <= 2))) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS))) && ((((((((waterLevel == 1 && pumpRunning == 1) || !(1 == systemActive)) || (methaneLevelCritical == 0 && !(\old(pumpRunning) == 1))) || \old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 2)) || 0 == systemActive) || ((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && methaneLevelCritical == 0) && 1 == systemActive) && waterLevel <= 2) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == methaneLevelCritical))) && (((((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == methaneLevelCritical) || methaneLevelCritical == 0) || !(1 == systemActive)) || (methaneLevelCritical == 0 && !(\old(pumpRunning) == 1))) || \old(pumpRunning) == 0) || !(\old(waterLevel) == 2)) || 0 == systemActive)) && ((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || (methaneLevelCritical == 0 && !(\old(pumpRunning) == 1))) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2)) || ((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && methaneLevelCritical == 0) && 1 == systemActive) && waterLevel <= 2) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == methaneLevelCritical)) || pumpRunning == 1) - InvariantResult [Line: 117]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 227]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 2)) || pumpRunning == switchedOnBeforeTS) || !(switchedOnBeforeTS == \old(pumpRunning))) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(waterLevel <= 2)) || pumpRunning == switchedOnBeforeTS) || !(switchedOnBeforeTS == \old(pumpRunning))) - InvariantResult [Line: 72]: Loop Invariant Derived loop invariant: (((((((((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(0 == systemActive)) || (((pumpRunning == 0 && tmp == waterLevel) && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) && (((methaneLevelCritical == 0 || !(1 == systemActive)) || !(\old(waterLevel) == 2)) || (pumpRunning == 0 && (\old(waterLevel) == waterLevel || waterLevel == 1)))) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || !(1 == systemActive)) || (((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && tmp == waterLevel) && waterLevel <= 1) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == methaneLevelCritical)) || !(\old(pumpRunning) == 1)) || pumpRunning == 1)) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || methaneLevelCritical == 0) || !(1 == systemActive)) || (((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && tmp == waterLevel) && waterLevel <= 1) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == methaneLevelCritical)) || \old(pumpRunning) == 0)) && (((((waterLevel == 1 && pumpRunning == 1) || ((pumpRunning == 0 && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && (\old(waterLevel) == waterLevel || waterLevel == 1))) || !(1 == systemActive)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2))) && ((((!(\old(pumpRunning) == 0) || !(1 < \old(waterLevel))) || (((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS) && tmp == 2)) || !(\old(waterLevel) <= 2)) || !(0 == systemActive))) && ((((methaneLevelCritical == 0 || !(1 == systemActive)) || (((!(switchedOnBeforeTS == 0) && tmp == waterLevel) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == methaneLevelCritical)) || \old(pumpRunning) == 0) || !(\old(waterLevel) == 2))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((((2 == waterLevel && 1 == systemActive) && \old(waterLevel) == waterLevel) && pumpRunning == 1) && tmp == 2)) || !(\old(waterLevel) <= 2)) || (((pumpRunning == 0 && tmp == waterLevel) && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS))) && ((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || \old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2)) || (((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && tmp == waterLevel) && methaneLevelCritical == 0) && waterLevel <= 1) && 1 == systemActive) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == methaneLevelCritical)) || ((((!(pumpRunning == 0) && tmp == waterLevel) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && pumpRunning == switchedOnBeforeTS) && tmp == methaneLevelCritical))) && ((((((!(1 == systemActive) || ((((!(pumpRunning == 0) && tmp == waterLevel) && waterLevel == 1) && pumpRunning == switchedOnBeforeTS) && tmp == methaneLevelCritical)) || !(methaneLevelCritical == 0)) || ((((2 == waterLevel && 1 == systemActive) && \old(waterLevel) == waterLevel) && pumpRunning == 1) && tmp == 2)) || (((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS) && tmp == 2)) || !(\old(waterLevel) == 2)) || (((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && tmp == waterLevel) && methaneLevelCritical == 0) && waterLevel <= 1) && 1 == systemActive) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == methaneLevelCritical)) - InvariantResult [Line: 658]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) && ((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || !(1 == systemActive))) && (!(1 == systemActive) || !(\old(waterLevel) == 2))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 108]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 118]: Loop Invariant Derived loop invariant: ((((((((((methaneLevelCritical == 0 && 1 == systemActive) && tmp == 1) && splverifierCounter == 0) && waterLevel == 1) && pumpRunning == switchedOnBeforeTS) || ((((2 == waterLevel && 1 == systemActive) && !(methaneLevelCritical == 0)) && tmp == 1) && splverifierCounter == 0)) || (((((methaneLevelCritical == 0 && 1 == systemActive) && tmp == 1) && splverifierCounter == 0) && waterLevel <= 0) && pumpRunning == switchedOnBeforeTS)) || ((((pumpRunning == 0 && 2 == waterLevel) && 1 == systemActive) && tmp == 1) && splverifierCounter == 0)) || (((((pumpRunning == 0 && tmp == 1) && splverifierCounter == 0) && waterLevel <= 2) && 0 == systemActive) && pumpRunning == switchedOnBeforeTS)) || ((((2 == waterLevel && 1 == systemActive) && tmp == 1) && splverifierCounter == 0) && pumpRunning == 1)) || ((((pumpRunning == 0 && waterLevel <= 1) && 1 == systemActive) && tmp == 1) && splverifierCounter == 0) - InvariantResult [Line: 67]: Loop Invariant Derived loop invariant: ((((((((((((((!(pumpRunning == 0) || methaneLevelCritical == 0) || !(1 == systemActive)) || \old(pumpRunning) == 0) || !(\old(waterLevel) == 2)) && (((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && aux-isPumpRunning()-aux == pumpRunning)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2))) && (((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || pumpRunning == switchedOnBeforeTS)) && (((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && aux-isPumpRunning()-aux == pumpRunning)) || ((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) && !(\old(waterLevel) <= 0))) || !(0 == systemActive))) && ((!(1 == systemActive) || (\old(waterLevel) == waterLevel && aux-isPumpRunning()-aux == pumpRunning)) || !(\old(waterLevel) == 2))) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || (((!(aux-isPumpRunning()-aux == 0) && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS) && aux-isPumpRunning()-aux == pumpRunning)) || !(1 == systemActive)) || \old(pumpRunning) == 0) || !(\old(waterLevel) <= 2))) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2)) || pumpRunning == switchedOnBeforeTS)) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || (((\old(waterLevel) == waterLevel || waterLevel == 1) && aux-isPumpRunning()-aux == pumpRunning) && pumpRunning == 1))) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) || pumpRunning == switchedOnBeforeTS) || !(0 == systemActive))) && ((((!(\old(pumpRunning) == 0) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2)) || ((pumpRunning == 0 && 2 == waterLevel) && aux-isPumpRunning()-aux == pumpRunning)) || !(0 == systemActive))) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || ((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) && !(\old(waterLevel) <= 0))) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || (((\old(waterLevel) == waterLevel || waterLevel == 1) && aux-isPumpRunning()-aux == pumpRunning) && pumpRunning == 1))) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2)) || pumpRunning == 1) - InvariantResult [Line: 148]: Loop Invariant Derived loop invariant: (((((2 == waterLevel && 1 == systemActive) && tmp == 1) && splverifierCounter == 0) || ((((pumpRunning == 0 && 1 == systemActive) && tmp == 1) && splverifierCounter == 0) && waterLevel <= 2)) || ((((1 == systemActive && tmp == 1) && splverifierCounter == 0) && waterLevel <= 2) && pumpRunning == switchedOnBeforeTS)) || (((((pumpRunning == 0 && tmp == 1) && splverifierCounter == 0) && waterLevel <= 2) && 0 == systemActive) && pumpRunning == switchedOnBeforeTS) - InvariantResult [Line: 313]: Loop Invariant Derived loop invariant: ((((((pumpRunning == 0 && pumpRunning == switchedOnBeforeTS) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(waterLevel <= 2)) || !(switchedOnBeforeTS == \old(pumpRunning))) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 1)) || !(switchedOnBeforeTS == \old(pumpRunning)))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(2 == waterLevel)) || (methaneLevelCritical == aux-isMethaneAlarm()-aux && pumpRunning == switchedOnBeforeTS)) || !(switchedOnBeforeTS == \old(pumpRunning))) - InvariantResult [Line: -1]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 640]: Loop Invariant Derived loop invariant: ((((pumpRunning == 0 && methaneLevelCritical == 0) && 1 == systemActive) && tmp == 1) && waterLevel == 1) && pumpRunning == switchedOnBeforeTS - InvariantResult [Line: 640]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 253]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 2)) || pumpRunning == switchedOnBeforeTS) || !(switchedOnBeforeTS == \old(pumpRunning))) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(waterLevel <= 2)) || pumpRunning == switchedOnBeforeTS) || !(switchedOnBeforeTS == \old(pumpRunning))) RESULT: Ultimate proved your program to be correct! [2022-12-14 14:25:57,071 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9a11a149-0f16-43e8-a2b0-e2745489b5ee/bin/utaipan-gh47qXpMRh/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE