./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec4_product20.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 6c24879c Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec4_product20.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 5bb0c67d0f3b897df6aba0c402ea453b42e61f1d6e102d991db16c73430a771e --- Real Ultimate output --- This is Ultimate 0.2.2-?-6c24879 [2022-07-12 06:19:55,831 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-07-12 06:19:55,833 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-07-12 06:19:55,852 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-07-12 06:19:55,853 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-07-12 06:19:55,853 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-07-12 06:19:55,854 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-07-12 06:19:55,855 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-07-12 06:19:55,857 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-07-12 06:19:55,857 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-07-12 06:19:55,858 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-07-12 06:19:55,859 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-07-12 06:19:55,861 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-07-12 06:19:55,867 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-07-12 06:19:55,868 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-07-12 06:19:55,870 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-07-12 06:19:55,876 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-07-12 06:19:55,876 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-07-12 06:19:55,877 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-07-12 06:19:55,878 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-07-12 06:19:55,879 INFO L181 SettingsManager]: Resetting HornVerifier preferences to default values [2022-07-12 06:19:55,895 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-07-12 06:19:55,895 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-07-12 06:19:55,896 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-07-12 06:19:55,897 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-07-12 06:19:55,899 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-07-12 06:19:55,903 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-07-12 06:19:55,903 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-07-12 06:19:55,904 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-07-12 06:19:55,904 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-07-12 06:19:55,905 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-07-12 06:19:55,906 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-07-12 06:19:55,907 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-07-12 06:19:55,907 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-07-12 06:19:55,908 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-07-12 06:19:55,909 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-07-12 06:19:55,909 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-07-12 06:19:55,909 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-07-12 06:19:55,909 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-07-12 06:19:55,910 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-07-12 06:19:55,910 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-07-12 06:19:55,911 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-07-12 06:19:55,913 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2022-07-12 06:19:55,934 INFO L113 SettingsManager]: Loading preferences was successful [2022-07-12 06:19:55,940 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-07-12 06:19:55,940 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-07-12 06:19:55,940 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-07-12 06:19:55,941 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-07-12 06:19:55,941 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-07-12 06:19:55,941 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-07-12 06:19:55,941 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-07-12 06:19:55,942 INFO L138 SettingsManager]: * Use SBE=true [2022-07-12 06:19:55,942 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-07-12 06:19:55,942 INFO L138 SettingsManager]: * sizeof long=4 [2022-07-12 06:19:55,943 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-07-12 06:19:55,943 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-07-12 06:19:55,943 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-07-12 06:19:55,943 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-07-12 06:19:55,943 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-07-12 06:19:55,943 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-07-12 06:19:55,943 INFO L138 SettingsManager]: * sizeof long double=12 [2022-07-12 06:19:55,944 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-07-12 06:19:55,944 INFO L138 SettingsManager]: * Use constant arrays=true [2022-07-12 06:19:55,944 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-07-12 06:19:55,944 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-07-12 06:19:55,944 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-07-12 06:19:55,945 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-07-12 06:19:55,945 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-07-12 06:19:55,945 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-07-12 06:19:55,945 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-07-12 06:19:55,945 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-07-12 06:19:55,945 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-07-12 06:19:55,945 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-07-12 06:19:55,946 INFO L138 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2022-07-12 06:19:55,946 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-07-12 06:19:55,946 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-07-12 06:19:55,946 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 5bb0c67d0f3b897df6aba0c402ea453b42e61f1d6e102d991db16c73430a771e [2022-07-12 06:19:56,167 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-07-12 06:19:56,187 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-07-12 06:19:56,189 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-07-12 06:19:56,190 INFO L271 PluginConnector]: Initializing CDTParser... [2022-07-12 06:19:56,191 INFO L275 PluginConnector]: CDTParser initialized [2022-07-12 06:19:56,192 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec4_product20.cil.c [2022-07-12 06:19:56,251 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/14f83012a/fb7c3318d6604918acee6e8ef5a3321d/FLAG8e37218c7 [2022-07-12 06:19:56,614 INFO L306 CDTParser]: Found 1 translation units. [2022-07-12 06:19:56,614 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_product20.cil.c [2022-07-12 06:19:56,631 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/14f83012a/fb7c3318d6604918acee6e8ef5a3321d/FLAG8e37218c7 [2022-07-12 06:19:56,988 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/14f83012a/fb7c3318d6604918acee6e8ef5a3321d [2022-07-12 06:19:56,990 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-07-12 06:19:56,991 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-07-12 06:19:56,992 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-07-12 06:19:56,993 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-07-12 06:19:56,995 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-07-12 06:19:56,995 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 12.07 06:19:56" (1/1) ... [2022-07-12 06:19:56,996 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@9186c07 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.07 06:19:56, skipping insertion in model container [2022-07-12 06:19:56,996 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 12.07 06:19:56" (1/1) ... [2022-07-12 06:19:57,003 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-07-12 06:19:57,031 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-07-12 06:19:57,223 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_product20.cil.c[14361,14374] [2022-07-12 06:19:57,237 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-07-12 06:19:57,243 INFO L203 MainTranslator]: Completed pre-run [2022-07-12 06:19:57,288 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_product20.cil.c[14361,14374] [2022-07-12 06:19:57,297 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-07-12 06:19:57,310 INFO L208 MainTranslator]: Completed translation [2022-07-12 06:19:57,316 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.07 06:19:57 WrapperNode [2022-07-12 06:19:57,317 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-07-12 06:19:57,318 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-07-12 06:19:57,318 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-07-12 06:19:57,318 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-07-12 06:19:57,323 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.07 06:19:57" (1/1) ... [2022-07-12 06:19:57,332 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.07 06:19:57" (1/1) ... [2022-07-12 06:19:57,355 INFO L137 Inliner]: procedures = 54, calls = 152, calls flagged for inlining = 22, calls inlined = 18, statements flattened = 225 [2022-07-12 06:19:57,355 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-07-12 06:19:57,356 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-07-12 06:19:57,356 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-07-12 06:19:57,356 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-07-12 06:19:57,362 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.07 06:19:57" (1/1) ... [2022-07-12 06:19:57,362 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.07 06:19:57" (1/1) ... [2022-07-12 06:19:57,376 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.07 06:19:57" (1/1) ... [2022-07-12 06:19:57,376 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.07 06:19:57" (1/1) ... [2022-07-12 06:19:57,380 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.07 06:19:57" (1/1) ... [2022-07-12 06:19:57,383 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.07 06:19:57" (1/1) ... [2022-07-12 06:19:57,384 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.07 06:19:57" (1/1) ... [2022-07-12 06:19:57,386 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-07-12 06:19:57,387 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-07-12 06:19:57,387 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-07-12 06:19:57,387 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-07-12 06:19:57,388 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.07 06:19:57" (1/1) ... [2022-07-12 06:19:57,395 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-07-12 06:19:57,413 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-07-12 06:19:57,422 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-07-12 06:19:57,427 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-07-12 06:19:57,458 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-07-12 06:19:57,458 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-07-12 06:19:57,458 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-07-12 06:19:57,458 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-07-12 06:19:57,458 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-07-12 06:19:57,458 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-07-12 06:19:57,459 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-07-12 06:19:57,459 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-07-12 06:19:57,459 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-07-12 06:19:57,459 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2022-07-12 06:19:57,459 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2022-07-12 06:19:57,459 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-07-12 06:19:57,459 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-07-12 06:19:57,459 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-07-12 06:19:57,460 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-07-12 06:19:57,460 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-07-12 06:19:57,522 INFO L234 CfgBuilder]: Building ICFG [2022-07-12 06:19:57,523 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-07-12 06:19:57,702 INFO L275 CfgBuilder]: Performing block encoding [2022-07-12 06:19:57,707 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-07-12 06:19:57,707 INFO L299 CfgBuilder]: Removed 2 assume(true) statements. [2022-07-12 06:19:57,709 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 12.07 06:19:57 BoogieIcfgContainer [2022-07-12 06:19:57,709 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-07-12 06:19:57,711 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-07-12 06:19:57,711 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-07-12 06:19:57,713 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-07-12 06:19:57,713 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 12.07 06:19:56" (1/3) ... [2022-07-12 06:19:57,714 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@3efcd5c and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 12.07 06:19:57, skipping insertion in model container [2022-07-12 06:19:57,714 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.07 06:19:57" (2/3) ... [2022-07-12 06:19:57,714 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@3efcd5c and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 12.07 06:19:57, skipping insertion in model container [2022-07-12 06:19:57,714 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 12.07 06:19:57" (3/3) ... [2022-07-12 06:19:57,715 INFO L111 eAbstractionObserver]: Analyzing ICFG minepump_spec4_product20.cil.c [2022-07-12 06:19:57,726 INFO L201 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-07-12 06:19:57,726 INFO L160 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-07-12 06:19:57,759 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-07-12 06:19:57,763 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=de.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings@71a16f8b, mLbeIndependenceSettings=de.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings@30cfd6c [2022-07-12 06:19:57,764 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-07-12 06:19:57,768 INFO L276 IsEmpty]: Start isEmpty. Operand has 77 states, 59 states have (on average 1.3898305084745763) internal successors, (82), 66 states have internal predecessors, (82), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 8 states have call predecessors, (10), 10 states have call successors, (10) [2022-07-12 06:19:57,775 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 20 [2022-07-12 06:19:57,775 INFO L187 NwaCegarLoop]: Found error trace [2022-07-12 06:19:57,776 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-12 06:19:57,776 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-12 06:19:57,781 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-12 06:19:57,781 INFO L85 PathProgramCache]: Analyzing trace with hash -1506660750, now seen corresponding path program 1 times [2022-07-12 06:19:57,788 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-12 06:19:57,789 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1438977706] [2022-07-12 06:19:57,789 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-12 06:19:57,789 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-12 06:19:57,872 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:19:57,923 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-12 06:19:57,924 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-12 06:19:57,925 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1438977706] [2022-07-12 06:19:57,925 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1438977706] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-12 06:19:57,925 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-12 06:19:57,926 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-07-12 06:19:57,927 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [227070770] [2022-07-12 06:19:57,928 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-12 06:19:57,933 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-07-12 06:19:57,934 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-12 06:19:57,960 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-07-12 06:19:57,961 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-07-12 06:19:57,963 INFO L87 Difference]: Start difference. First operand has 77 states, 59 states have (on average 1.3898305084745763) internal successors, (82), 66 states have internal predecessors, (82), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 8 states have call predecessors, (10), 10 states have call successors, (10) Second operand has 2 states, 2 states have (on average 8.5) internal successors, (17), 2 states have internal predecessors, (17), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-12 06:19:58,013 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-12 06:19:58,013 INFO L93 Difference]: Finished difference Result 146 states and 199 transitions. [2022-07-12 06:19:58,014 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-07-12 06:19:58,015 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 8.5) internal successors, (17), 2 states have internal predecessors, (17), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 19 [2022-07-12 06:19:58,015 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-12 06:19:58,021 INFO L225 Difference]: With dead ends: 146 [2022-07-12 06:19:58,021 INFO L226 Difference]: Without dead ends: 68 [2022-07-12 06:19:58,024 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-07-12 06:19:58,028 INFO L413 NwaCegarLoop]: 96 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 96 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-12 06:19:58,029 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 96 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-12 06:19:58,040 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 68 states. [2022-07-12 06:19:58,059 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 68 to 68. [2022-07-12 06:19:58,061 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 68 states, 52 states have (on average 1.3076923076923077) internal successors, (68), 58 states have internal predecessors, (68), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2022-07-12 06:19:58,063 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 68 states to 68 states and 87 transitions. [2022-07-12 06:19:58,064 INFO L78 Accepts]: Start accepts. Automaton has 68 states and 87 transitions. Word has length 19 [2022-07-12 06:19:58,064 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-12 06:19:58,064 INFO L495 AbstractCegarLoop]: Abstraction has 68 states and 87 transitions. [2022-07-12 06:19:58,065 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 8.5) internal successors, (17), 2 states have internal predecessors, (17), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-12 06:19:58,065 INFO L276 IsEmpty]: Start isEmpty. Operand 68 states and 87 transitions. [2022-07-12 06:19:58,066 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 21 [2022-07-12 06:19:58,066 INFO L187 NwaCegarLoop]: Found error trace [2022-07-12 06:19:58,066 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-12 06:19:58,067 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-07-12 06:19:58,067 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-12 06:19:58,068 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-12 06:19:58,069 INFO L85 PathProgramCache]: Analyzing trace with hash 1702349577, now seen corresponding path program 1 times [2022-07-12 06:19:58,069 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-12 06:19:58,070 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1704302118] [2022-07-12 06:19:58,070 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-12 06:19:58,070 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-12 06:19:58,098 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:19:58,148 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-12 06:19:58,148 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-12 06:19:58,148 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1704302118] [2022-07-12 06:19:58,149 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1704302118] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-12 06:19:58,149 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-12 06:19:58,149 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-07-12 06:19:58,149 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [84204512] [2022-07-12 06:19:58,150 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-12 06:19:58,150 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-07-12 06:19:58,151 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-12 06:19:58,153 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-07-12 06:19:58,153 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-12 06:19:58,153 INFO L87 Difference]: Start difference. First operand 68 states and 87 transitions. Second operand has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-12 06:19:58,162 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-12 06:19:58,162 INFO L93 Difference]: Finished difference Result 97 states and 123 transitions. [2022-07-12 06:19:58,163 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-07-12 06:19:58,163 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 20 [2022-07-12 06:19:58,163 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-12 06:19:58,164 INFO L225 Difference]: With dead ends: 97 [2022-07-12 06:19:58,164 INFO L226 Difference]: Without dead ends: 59 [2022-07-12 06:19:58,165 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-12 06:19:58,166 INFO L413 NwaCegarLoop]: 74 mSDtfsCounter, 17 mSDsluCounter, 52 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 21 SdHoareTripleChecker+Valid, 126 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-12 06:19:58,166 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [21 Valid, 126 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-12 06:19:58,167 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 59 states. [2022-07-12 06:19:58,171 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 59 to 59. [2022-07-12 06:19:58,171 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 59 states, 46 states have (on average 1.326086956521739) internal successors, (61), 52 states have internal predecessors, (61), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 5 states have call predecessors, (7), 7 states have call successors, (7) [2022-07-12 06:19:58,172 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 59 states to 59 states and 75 transitions. [2022-07-12 06:19:58,172 INFO L78 Accepts]: Start accepts. Automaton has 59 states and 75 transitions. Word has length 20 [2022-07-12 06:19:58,172 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-12 06:19:58,173 INFO L495 AbstractCegarLoop]: Abstraction has 59 states and 75 transitions. [2022-07-12 06:19:58,173 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-12 06:19:58,173 INFO L276 IsEmpty]: Start isEmpty. Operand 59 states and 75 transitions. [2022-07-12 06:19:58,174 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2022-07-12 06:19:58,174 INFO L187 NwaCegarLoop]: Found error trace [2022-07-12 06:19:58,174 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-12 06:19:58,174 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-07-12 06:19:58,174 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-12 06:19:58,175 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-12 06:19:58,175 INFO L85 PathProgramCache]: Analyzing trace with hash -992613126, now seen corresponding path program 1 times [2022-07-12 06:19:58,175 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-12 06:19:58,175 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1180317305] [2022-07-12 06:19:58,175 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-12 06:19:58,176 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-12 06:19:58,202 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:19:58,262 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-12 06:19:58,262 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-12 06:19:58,262 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1180317305] [2022-07-12 06:19:58,262 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1180317305] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-12 06:19:58,262 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-12 06:19:58,262 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-07-12 06:19:58,262 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [224406163] [2022-07-12 06:19:58,263 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-12 06:19:58,263 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-07-12 06:19:58,263 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-12 06:19:58,263 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-07-12 06:19:58,264 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2022-07-12 06:19:58,264 INFO L87 Difference]: Start difference. First operand 59 states and 75 transitions. Second operand has 6 states, 6 states have (on average 4.0) internal successors, (24), 5 states have internal predecessors, (24), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-12 06:19:58,411 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-12 06:19:58,412 INFO L93 Difference]: Finished difference Result 215 states and 287 transitions. [2022-07-12 06:19:58,413 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-07-12 06:19:58,413 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.0) internal successors, (24), 5 states have internal predecessors, (24), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 25 [2022-07-12 06:19:58,414 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-12 06:19:58,417 INFO L225 Difference]: With dead ends: 215 [2022-07-12 06:19:58,417 INFO L226 Difference]: Without dead ends: 163 [2022-07-12 06:19:58,417 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 1 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=22, Invalid=34, Unknown=0, NotChecked=0, Total=56 [2022-07-12 06:19:58,418 INFO L413 NwaCegarLoop]: 94 mSDtfsCounter, 176 mSDsluCounter, 326 mSDsCounter, 0 mSdLazyCounter, 87 mSolverCounterSat, 18 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 176 SdHoareTripleChecker+Valid, 420 SdHoareTripleChecker+Invalid, 105 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 18 IncrementalHoareTripleChecker+Valid, 87 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-07-12 06:19:58,418 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [176 Valid, 420 Invalid, 105 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [18 Valid, 87 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-07-12 06:19:58,419 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 163 states. [2022-07-12 06:19:58,434 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 163 to 141. [2022-07-12 06:19:58,434 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 141 states, 108 states have (on average 1.3703703703703705) internal successors, (148), 122 states have internal predecessors, (148), 18 states have call successors, (18), 14 states have call predecessors, (18), 14 states have return successors, (19), 12 states have call predecessors, (19), 18 states have call successors, (19) [2022-07-12 06:19:58,436 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 141 states to 141 states and 185 transitions. [2022-07-12 06:19:58,436 INFO L78 Accepts]: Start accepts. Automaton has 141 states and 185 transitions. Word has length 25 [2022-07-12 06:19:58,436 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-12 06:19:58,436 INFO L495 AbstractCegarLoop]: Abstraction has 141 states and 185 transitions. [2022-07-12 06:19:58,436 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 4.0) internal successors, (24), 5 states have internal predecessors, (24), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-12 06:19:58,437 INFO L276 IsEmpty]: Start isEmpty. Operand 141 states and 185 transitions. [2022-07-12 06:19:58,437 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 29 [2022-07-12 06:19:58,437 INFO L187 NwaCegarLoop]: Found error trace [2022-07-12 06:19:58,438 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-12 06:19:58,438 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-07-12 06:19:58,438 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-12 06:19:58,439 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-12 06:19:58,439 INFO L85 PathProgramCache]: Analyzing trace with hash -2068590127, now seen corresponding path program 1 times [2022-07-12 06:19:58,439 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-12 06:19:58,439 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2103570536] [2022-07-12 06:19:58,439 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-12 06:19:58,439 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-12 06:19:58,477 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:19:58,547 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-12 06:19:58,547 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-12 06:19:58,547 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2103570536] [2022-07-12 06:19:58,548 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2103570536] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-12 06:19:58,548 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-12 06:19:58,548 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2022-07-12 06:19:58,548 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [255065272] [2022-07-12 06:19:58,548 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-12 06:19:58,548 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-07-12 06:19:58,549 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-12 06:19:58,549 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-07-12 06:19:58,549 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=14, Invalid=42, Unknown=0, NotChecked=0, Total=56 [2022-07-12 06:19:58,549 INFO L87 Difference]: Start difference. First operand 141 states and 185 transitions. Second operand has 8 states, 8 states have (on average 3.375) internal successors, (27), 7 states have internal predecessors, (27), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-12 06:19:58,746 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-12 06:19:58,746 INFO L93 Difference]: Finished difference Result 527 states and 736 transitions. [2022-07-12 06:19:58,746 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2022-07-12 06:19:58,747 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 3.375) internal successors, (27), 7 states have internal predecessors, (27), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 28 [2022-07-12 06:19:58,747 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-12 06:19:58,757 INFO L225 Difference]: With dead ends: 527 [2022-07-12 06:19:58,757 INFO L226 Difference]: Without dead ends: 393 [2022-07-12 06:19:58,762 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 14 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 15 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=51, Invalid=131, Unknown=0, NotChecked=0, Total=182 [2022-07-12 06:19:58,767 INFO L413 NwaCegarLoop]: 80 mSDtfsCounter, 188 mSDsluCounter, 388 mSDsCounter, 0 mSdLazyCounter, 126 mSolverCounterSat, 30 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 188 SdHoareTripleChecker+Valid, 468 SdHoareTripleChecker+Invalid, 156 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 30 IncrementalHoareTripleChecker+Valid, 126 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-07-12 06:19:58,770 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [188 Valid, 468 Invalid, 156 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [30 Valid, 126 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-07-12 06:19:58,772 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 393 states. [2022-07-12 06:19:58,811 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 393 to 378. [2022-07-12 06:19:58,814 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 378 states, 287 states have (on average 1.3449477351916377) internal successors, (386), 324 states have internal predecessors, (386), 51 states have call successors, (51), 39 states have call predecessors, (51), 39 states have return successors, (65), 33 states have call predecessors, (65), 51 states have call successors, (65) [2022-07-12 06:19:58,817 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 378 states to 378 states and 502 transitions. [2022-07-12 06:19:58,818 INFO L78 Accepts]: Start accepts. Automaton has 378 states and 502 transitions. Word has length 28 [2022-07-12 06:19:58,818 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-12 06:19:58,818 INFO L495 AbstractCegarLoop]: Abstraction has 378 states and 502 transitions. [2022-07-12 06:19:58,818 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 3.375) internal successors, (27), 7 states have internal predecessors, (27), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-12 06:19:58,819 INFO L276 IsEmpty]: Start isEmpty. Operand 378 states and 502 transitions. [2022-07-12 06:19:58,820 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2022-07-12 06:19:58,820 INFO L187 NwaCegarLoop]: Found error trace [2022-07-12 06:19:58,820 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-12 06:19:58,821 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-07-12 06:19:58,821 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-12 06:19:58,821 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-12 06:19:58,821 INFO L85 PathProgramCache]: Analyzing trace with hash -1789142954, now seen corresponding path program 1 times [2022-07-12 06:19:58,822 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-12 06:19:58,822 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [943720710] [2022-07-12 06:19:58,822 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-12 06:19:58,823 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-12 06:19:58,838 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:19:58,858 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-12 06:19:58,858 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-12 06:19:58,858 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [943720710] [2022-07-12 06:19:58,858 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [943720710] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-12 06:19:58,859 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-12 06:19:58,859 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-07-12 06:19:58,859 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [802539198] [2022-07-12 06:19:58,859 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-12 06:19:58,859 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-07-12 06:19:58,860 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-12 06:19:58,860 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-07-12 06:19:58,860 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-12 06:19:58,860 INFO L87 Difference]: Start difference. First operand 378 states and 502 transitions. Second operand has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 2 states have internal predecessors, (29), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-12 06:19:58,877 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-12 06:19:58,877 INFO L93 Difference]: Finished difference Result 656 states and 885 transitions. [2022-07-12 06:19:58,877 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-07-12 06:19:58,878 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 2 states have internal predecessors, (29), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 30 [2022-07-12 06:19:58,878 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-12 06:19:58,880 INFO L225 Difference]: With dead ends: 656 [2022-07-12 06:19:58,881 INFO L226 Difference]: Without dead ends: 285 [2022-07-12 06:19:58,882 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-12 06:19:58,884 INFO L413 NwaCegarLoop]: 50 mSDtfsCounter, 34 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 34 SdHoareTripleChecker+Valid, 50 SdHoareTripleChecker+Invalid, 6 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-12 06:19:58,886 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [34 Valid, 50 Invalid, 6 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-12 06:19:58,887 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 285 states. [2022-07-12 06:19:58,905 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 285 to 279. [2022-07-12 06:19:58,906 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 279 states, 218 states have (on average 1.261467889908257) internal successors, (275), 234 states have internal predecessors, (275), 30 states have call successors, (30), 30 states have call predecessors, (30), 30 states have return successors, (36), 30 states have call predecessors, (36), 30 states have call successors, (36) [2022-07-12 06:19:58,907 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 279 states to 279 states and 341 transitions. [2022-07-12 06:19:58,907 INFO L78 Accepts]: Start accepts. Automaton has 279 states and 341 transitions. Word has length 30 [2022-07-12 06:19:58,911 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-12 06:19:58,911 INFO L495 AbstractCegarLoop]: Abstraction has 279 states and 341 transitions. [2022-07-12 06:19:58,911 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 2 states have internal predecessors, (29), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-12 06:19:58,911 INFO L276 IsEmpty]: Start isEmpty. Operand 279 states and 341 transitions. [2022-07-12 06:19:58,924 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 55 [2022-07-12 06:19:58,924 INFO L187 NwaCegarLoop]: Found error trace [2022-07-12 06:19:58,925 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-12 06:19:58,925 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-07-12 06:19:58,925 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-12 06:19:58,926 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-12 06:19:58,926 INFO L85 PathProgramCache]: Analyzing trace with hash 1403719521, now seen corresponding path program 1 times [2022-07-12 06:19:58,926 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-12 06:19:58,926 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1854304134] [2022-07-12 06:19:58,926 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-12 06:19:58,926 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-12 06:19:58,946 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:19:58,988 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2022-07-12 06:19:58,992 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:19:59,003 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2022-07-12 06:19:59,011 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:19:59,026 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 36 [2022-07-12 06:19:59,028 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:19:59,030 INFO L134 CoverageAnalysis]: Checked inductivity of 19 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 18 trivial. 0 not checked. [2022-07-12 06:19:59,031 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-12 06:19:59,031 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1854304134] [2022-07-12 06:19:59,031 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1854304134] provided 0 perfect and 1 imperfect interpolant sequences [2022-07-12 06:19:59,031 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1874294513] [2022-07-12 06:19:59,031 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-12 06:19:59,032 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-07-12 06:19:59,032 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-07-12 06:19:59,033 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-07-12 06:19:59,034 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-07-12 06:19:59,121 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-12 06:19:59,123 INFO L263 TraceCheckSpWp]: Trace formula consists of 370 conjuncts, 9 conjunts are in the unsatisfiable core [2022-07-12 06:19:59,128 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-07-12 06:19:59,276 INFO L134 CoverageAnalysis]: Checked inductivity of 19 backedges. 16 proven. 2 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-07-12 06:19:59,276 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-07-12 06:19:59,466 INFO L134 CoverageAnalysis]: Checked inductivity of 19 backedges. 16 proven. 3 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-12 06:19:59,466 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1874294513] provided 0 perfect and 2 imperfect interpolant sequences [2022-07-12 06:19:59,466 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-07-12 06:19:59,467 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [7, 6, 7] total 15 [2022-07-12 06:19:59,467 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1598023927] [2022-07-12 06:19:59,467 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-07-12 06:19:59,468 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2022-07-12 06:19:59,468 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-12 06:19:59,469 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2022-07-12 06:19:59,469 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=48, Invalid=162, Unknown=0, NotChecked=0, Total=210 [2022-07-12 06:19:59,469 INFO L87 Difference]: Start difference. First operand 279 states and 341 transitions. Second operand has 15 states, 15 states have (on average 6.0) internal successors, (90), 12 states have internal predecessors, (90), 4 states have call successors, (10), 7 states have call predecessors, (10), 7 states have return successors, (7), 3 states have call predecessors, (7), 3 states have call successors, (7) [2022-07-12 06:19:59,619 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-12 06:19:59,620 INFO L93 Difference]: Finished difference Result 377 states and 459 transitions. [2022-07-12 06:19:59,620 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-07-12 06:19:59,620 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 15 states have (on average 6.0) internal successors, (90), 12 states have internal predecessors, (90), 4 states have call successors, (10), 7 states have call predecessors, (10), 7 states have return successors, (7), 3 states have call predecessors, (7), 3 states have call successors, (7) Word has length 54 [2022-07-12 06:19:59,621 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-12 06:19:59,621 INFO L225 Difference]: With dead ends: 377 [2022-07-12 06:19:59,621 INFO L226 Difference]: Without dead ends: 0 [2022-07-12 06:19:59,622 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 124 GetRequests, 105 SyntacticMatches, 1 SemanticMatches, 18 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 45 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=99, Invalid=281, Unknown=0, NotChecked=0, Total=380 [2022-07-12 06:19:59,626 INFO L413 NwaCegarLoop]: 71 mSDtfsCounter, 130 mSDsluCounter, 348 mSDsCounter, 0 mSdLazyCounter, 187 mSolverCounterSat, 49 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 130 SdHoareTripleChecker+Valid, 419 SdHoareTripleChecker+Invalid, 236 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 49 IncrementalHoareTripleChecker+Valid, 187 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-07-12 06:19:59,627 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [130 Valid, 419 Invalid, 236 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [49 Valid, 187 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-07-12 06:19:59,627 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-07-12 06:19:59,628 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-07-12 06:19:59,628 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-12 06:19:59,628 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-07-12 06:19:59,628 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 54 [2022-07-12 06:19:59,629 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-12 06:19:59,630 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-07-12 06:19:59,630 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 15 states have (on average 6.0) internal successors, (90), 12 states have internal predecessors, (90), 4 states have call successors, (10), 7 states have call predecessors, (10), 7 states have return successors, (7), 3 states have call predecessors, (7), 3 states have call successors, (7) [2022-07-12 06:19:59,630 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-07-12 06:19:59,630 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-07-12 06:19:59,633 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-07-12 06:19:59,657 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-07-12 06:19:59,843 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable5 [2022-07-12 06:19:59,845 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-07-12 06:20:00,595 INFO L902 garLoopResultBuilder]: At program point deactivatePumpENTRY(lines 757 764) the Hoare annotation is: true [2022-07-12 06:20:00,595 INFO L899 garLoopResultBuilder]: For program point deactivatePumpEXIT(lines 757 764) no Hoare annotation was computed. [2022-07-12 06:20:00,595 INFO L899 garLoopResultBuilder]: For program point deactivatePumpFINAL(lines 757 764) no Hoare annotation was computed. [2022-07-12 06:20:00,595 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 716 722) no Hoare annotation was computed. [2022-07-12 06:20:00,595 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 716 722) the Hoare annotation is: true [2022-07-12 06:20:00,595 INFO L899 garLoopResultBuilder]: For program point L125-1(lines 121 132) no Hoare annotation was computed. [2022-07-12 06:20:00,595 INFO L902 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 121 132) the Hoare annotation is: true [2022-07-12 06:20:00,595 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 121 132) no Hoare annotation was computed. [2022-07-12 06:20:00,595 INFO L899 garLoopResultBuilder]: For program point L671(lines 671 677) no Hoare annotation was computed. [2022-07-12 06:20:00,595 INFO L899 garLoopResultBuilder]: For program point L667(lines 667 680) no Hoare annotation was computed. [2022-07-12 06:20:00,595 INFO L895 garLoopResultBuilder]: At program point L667-1(lines 659 683) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (not (= |timeShift___utac_acc__Specification4_spec__1_~tmp~4#1| 0))) (.cse3 (not (= |timeShift_getWaterLevel_#res#1| 0)))) (and (or .cse0 (not (= |old(~waterLevel~0)| 1)) (and .cse1 .cse2 .cse3 (= ~waterLevel~0 1))) (or .cse0 (and .cse1 .cse2 .cse3 (= |old(~waterLevel~0)| ~waterLevel~0)) (not (<= 2 |old(~waterLevel~0)|))))) [2022-07-12 06:20:00,595 INFO L899 garLoopResultBuilder]: For program point L696-1(lines 695 714) no Hoare annotation was computed. [2022-07-12 06:20:00,596 INFO L899 garLoopResultBuilder]: For program point timeShiftFINAL(lines 692 715) no Hoare annotation was computed. [2022-07-12 06:20:00,596 INFO L895 garLoopResultBuilder]: At program point L738(line 738) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|))) [2022-07-12 06:20:00,596 INFO L895 garLoopResultBuilder]: At program point L734(line 734) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|))) [2022-07-12 06:20:00,596 INFO L895 garLoopResultBuilder]: At program point L743(line 743) the Hoare annotation is: (let ((.cse2 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (not (= 0 ~systemActive~0)))) (and (or (and .cse0 (= ~waterLevel~0 1) .cse1) .cse2 (not (= |old(~waterLevel~0)| 1))) (or .cse2 (and .cse0 (= |old(~waterLevel~0)| ~waterLevel~0) .cse1) (not (<= 2 |old(~waterLevel~0)|))))) [2022-07-12 06:20:00,596 INFO L895 garLoopResultBuilder]: At program point L743-1(lines 724 748) the Hoare annotation is: (let ((.cse2 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (not (= 0 ~systemActive~0)))) (and (or (and .cse0 (= ~waterLevel~0 1) .cse1) .cse2 (not (= |old(~waterLevel~0)| 1))) (or .cse2 (and .cse0 (= |old(~waterLevel~0)| ~waterLevel~0) .cse1) (not (<= 2 |old(~waterLevel~0)|))))) [2022-07-12 06:20:00,596 INFO L899 garLoopResultBuilder]: For program point L830(lines 830 834) no Hoare annotation was computed. [2022-07-12 06:20:00,596 INFO L899 garLoopResultBuilder]: For program point L830-2(lines 830 834) no Hoare annotation was computed. [2022-07-12 06:20:00,596 INFO L895 garLoopResultBuilder]: At program point L781(lines 776 784) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|))) [2022-07-12 06:20:00,596 INFO L899 garLoopResultBuilder]: For program point L653(line 653) no Hoare annotation was computed. [2022-07-12 06:20:00,596 INFO L895 garLoopResultBuilder]: At program point L170(lines 165 173) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (not (= |timeShift_getWaterLevel_#res#1| 0)))) (and (or .cse0 (and .cse1 .cse2 (= |old(~waterLevel~0)| ~waterLevel~0)) (not (<= 2 |old(~waterLevel~0)|))) (or .cse0 (not (= |old(~waterLevel~0)| 1)) (and .cse1 .cse2 (= ~waterLevel~0 1))))) [2022-07-12 06:20:00,596 INFO L899 garLoopResultBuilder]: For program point L703-1(lines 703 709) no Hoare annotation was computed. [2022-07-12 06:20:00,596 INFO L899 garLoopResultBuilder]: For program point L732(lines 732 740) no Hoare annotation was computed. [2022-07-12 06:20:00,596 INFO L899 garLoopResultBuilder]: For program point L728(lines 728 745) no Hoare annotation was computed. [2022-07-12 06:20:00,596 INFO L895 garLoopResultBuilder]: At program point L179(lines 174 182) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|))) [2022-07-12 06:20:00,596 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 692 715) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0))) (and (or .cse0 (not (= |old(~waterLevel~0)| 1)) (and .cse1 (= ~waterLevel~0 1))) (or .cse0 (and .cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) (not (<= 2 |old(~waterLevel~0)|))))) [2022-07-12 06:20:00,596 INFO L895 garLoopResultBuilder]: At program point L654(lines 649 656) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|))) [2022-07-12 06:20:00,596 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 692 715) no Hoare annotation was computed. [2022-07-12 06:20:00,597 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 653) no Hoare annotation was computed. [2022-07-12 06:20:00,597 INFO L899 garLoopResultBuilder]: For program point L101(lines 101 105) no Hoare annotation was computed. [2022-07-12 06:20:00,597 INFO L895 garLoopResultBuilder]: At program point L836(lines 821 839) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|))) [2022-07-12 06:20:00,597 INFO L895 garLoopResultBuilder]: At program point L101-2(lines 97 108) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|))) [2022-07-12 06:20:00,597 INFO L902 garLoopResultBuilder]: At program point L192(line 192) the Hoare annotation is: true [2022-07-12 06:20:00,597 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 186 215) no Hoare annotation was computed. [2022-07-12 06:20:00,597 INFO L899 garLoopResultBuilder]: For program point L192-1(line 192) no Hoare annotation was computed. [2022-07-12 06:20:00,597 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 186 215) the Hoare annotation is: true [2022-07-12 06:20:00,597 INFO L902 garLoopResultBuilder]: At program point L211(lines 186 215) the Hoare annotation is: true [2022-07-12 06:20:00,597 INFO L899 garLoopResultBuilder]: For program point L207(line 207) no Hoare annotation was computed. [2022-07-12 06:20:00,597 INFO L899 garLoopResultBuilder]: For program point L200(lines 200 204) no Hoare annotation was computed. [2022-07-12 06:20:00,597 INFO L902 garLoopResultBuilder]: At program point L200-1(lines 200 204) the Hoare annotation is: true [2022-07-12 06:20:00,597 INFO L899 garLoopResultBuilder]: For program point L197(line 197) no Hoare annotation was computed. [2022-07-12 06:20:00,597 INFO L902 garLoopResultBuilder]: At program point L196-2(lines 196 210) the Hoare annotation is: true [2022-07-12 06:20:00,597 INFO L902 garLoopResultBuilder]: At program point L927(lines 864 931) the Hoare annotation is: true [2022-07-12 06:20:00,597 INFO L899 garLoopResultBuilder]: For program point L894(lines 894 900) no Hoare annotation was computed. [2022-07-12 06:20:00,597 INFO L899 garLoopResultBuilder]: For program point L894-1(lines 894 900) no Hoare annotation was computed. [2022-07-12 06:20:00,597 INFO L895 garLoopResultBuilder]: At program point L886(line 886) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and (= ~waterLevel~0 |ULTIMATE.start_main_~tmp~0#1|) .cse0 (= |ULTIMATE.start_valid_product_#res#1| ~waterLevel~0) .cse1 (= ~waterLevel~0 1)) (and .cse0 (<= 2 ~waterLevel~0) .cse1))) [2022-07-12 06:20:00,597 INFO L899 garLoopResultBuilder]: For program point L-1(line -1) no Hoare annotation was computed. [2022-07-12 06:20:00,597 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startENTRY(line -1) no Hoare annotation was computed. [2022-07-12 06:20:00,598 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startFINAL(line -1) no Hoare annotation was computed. [2022-07-12 06:20:00,598 INFO L895 garLoopResultBuilder]: At program point L924(lines 873 925) the Hoare annotation is: false [2022-07-12 06:20:00,598 INFO L899 garLoopResultBuilder]: For program point L912(lines 912 918) no Hoare annotation was computed. [2022-07-12 06:20:00,598 INFO L895 garLoopResultBuilder]: At program point L846(line 846) the Hoare annotation is: false [2022-07-12 06:20:00,598 INFO L895 garLoopResultBuilder]: At program point L912-2(lines 904 919) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and (= ~waterLevel~0 |ULTIMATE.start_main_~tmp~0#1|) .cse0 (= |ULTIMATE.start_valid_product_#res#1| ~waterLevel~0) .cse1 (= ~waterLevel~0 1)) (and .cse0 (<= 2 ~waterLevel~0) .cse1))) [2022-07-12 06:20:00,598 INFO L899 garLoopResultBuilder]: For program point L875(lines 874 923) no Hoare annotation was computed. [2022-07-12 06:20:00,598 INFO L899 garLoopResultBuilder]: For program point L904(lines 904 919) no Hoare annotation was computed. [2022-07-12 06:20:00,598 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-07-12 06:20:00,598 INFO L895 garLoopResultBuilder]: At program point L896(line 896) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and (= ~waterLevel~0 |ULTIMATE.start_main_~tmp~0#1|) .cse0 (= |ULTIMATE.start_valid_product_#res#1| ~waterLevel~0) .cse1 (= ~waterLevel~0 1)) (and .cse0 (<= 2 ~waterLevel~0) .cse1))) [2022-07-12 06:20:00,598 INFO L902 garLoopResultBuilder]: At program point L256(lines 249 258) the Hoare annotation is: true [2022-07-12 06:20:00,598 INFO L895 garLoopResultBuilder]: At program point L921(lines 874 923) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and (= ~waterLevel~0 |ULTIMATE.start_main_~tmp~0#1|) .cse0 (= |ULTIMATE.start_valid_product_#res#1| ~waterLevel~0) .cse1 (= ~waterLevel~0 1)) (and .cse0 (<= 2 ~waterLevel~0) .cse1))) [2022-07-12 06:20:00,598 INFO L899 garLoopResultBuilder]: For program point L884(lines 884 890) no Hoare annotation was computed. [2022-07-12 06:20:00,598 INFO L895 garLoopResultBuilder]: At program point L83(lines 78 86) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-12 06:20:00,598 INFO L899 garLoopResultBuilder]: For program point L884-1(lines 884 890) no Hoare annotation was computed. [2022-07-12 06:20:00,598 INFO L899 garLoopResultBuilder]: For program point L269(lines 269 276) no Hoare annotation was computed. [2022-07-12 06:20:00,598 INFO L899 garLoopResultBuilder]: For program point L876(lines 876 880) no Hoare annotation was computed. [2022-07-12 06:20:00,598 INFO L895 garLoopResultBuilder]: At program point L75(lines 71 77) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-12 06:20:00,598 INFO L899 garLoopResultBuilder]: For program point L269-2(lines 269 276) no Hoare annotation was computed. [2022-07-12 06:20:00,598 INFO L895 garLoopResultBuilder]: At program point L860(lines 855 862) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 (<= 2 ~waterLevel~0) .cse1 .cse2) (and (= ~waterLevel~0 |ULTIMATE.start_main_~tmp~0#1|) .cse0 (= |ULTIMATE.start_valid_product_#res#1| ~waterLevel~0) .cse1 .cse2 (= ~waterLevel~0 1)))) [2022-07-12 06:20:00,598 INFO L902 garLoopResultBuilder]: At program point L278(lines 259 281) the Hoare annotation is: true [2022-07-12 06:20:00,599 INFO L895 garLoopResultBuilder]: At program point L245(lines 241 247) the Hoare annotation is: (and (= |ULTIMATE.start_main_~tmp~0#1| ~systemActive~0) (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-12 06:20:00,599 INFO L895 garLoopResultBuilder]: At program point L852(lines 840 854) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and (= ~waterLevel~0 |ULTIMATE.start_main_~tmp~0#1|) .cse0 (= |ULTIMATE.start_valid_product_#res#1| ~waterLevel~0) .cse1 (= ~waterLevel~0 1)) (and .cse0 (<= 2 ~waterLevel~0) .cse1))) [2022-07-12 06:20:00,599 INFO L899 garLoopResultBuilder]: For program point L844(lines 844 850) no Hoare annotation was computed. [2022-07-12 06:20:00,599 INFO L899 garLoopResultBuilder]: For program point L844-1(lines 844 850) no Hoare annotation was computed. [2022-07-12 06:20:00,599 INFO L895 garLoopResultBuilder]: At program point L68(lines 64 70) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-12 06:20:00,599 INFO L899 garLoopResultBuilder]: For program point L113-1(lines 109 120) no Hoare annotation was computed. [2022-07-12 06:20:00,599 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 109 120) no Hoare annotation was computed. [2022-07-12 06:20:00,599 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 109 120) the Hoare annotation is: (let ((.cse0 (not (= ~pumpRunning~0 0)))) (and (or .cse0 (= |old(~waterLevel~0)| ~waterLevel~0) (not (<= 2 |old(~waterLevel~0)|))) (or .cse0 (not (= |old(~waterLevel~0)| 1)) (= ~waterLevel~0 1)))) [2022-07-12 06:20:00,601 INFO L356 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1] [2022-07-12 06:20:00,602 INFO L176 ceAbstractionStarter]: Computing trace abstraction results [2022-07-12 06:20:00,634 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 12.07 06:20:00 BoogieIcfgContainer [2022-07-12 06:20:00,634 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-07-12 06:20:00,635 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-07-12 06:20:00,635 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-07-12 06:20:00,635 INFO L275 PluginConnector]: Witness Printer initialized [2022-07-12 06:20:00,635 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 12.07 06:19:57" (3/4) ... [2022-07-12 06:20:00,637 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-07-12 06:20:00,641 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2022-07-12 06:20:00,641 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-07-12 06:20:00,641 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-07-12 06:20:00,641 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-07-12 06:20:00,641 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-07-12 06:20:00,641 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-07-12 06:20:00,645 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 50 nodes and edges [2022-07-12 06:20:00,646 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 22 nodes and edges [2022-07-12 06:20:00,646 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 11 nodes and edges [2022-07-12 06:20:00,647 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-07-12 06:20:00,647 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 2 nodes and edges [2022-07-12 06:20:00,647 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-07-12 06:20:00,647 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-07-12 06:20:00,663 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((pumpRunning == 0 && 1 == systemActive) && \result == systemActive) && waterLevel == 1 [2022-07-12 06:20:00,663 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((tmp == systemActive && pumpRunning == 0) && 1 == systemActive) && \result == systemActive) && waterLevel == 1 [2022-07-12 06:20:00,663 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((waterLevel == tmp && pumpRunning == 0) && \result == waterLevel) && splverifierCounter == 0) && waterLevel == 1) || ((pumpRunning == 0 && 2 <= waterLevel) && splverifierCounter == 0) [2022-07-12 06:20:00,663 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) [2022-07-12 06:20:00,664 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((pumpRunning == 0 && waterLevel == 1) && !(0 == systemActive)) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) && ((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && !(0 == systemActive))) || !(2 <= \old(waterLevel))) [2022-07-12 06:20:00,664 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((pumpRunning == 0 && 2 <= waterLevel) && 1 == systemActive) && splverifierCounter == 0) || (((((waterLevel == tmp && pumpRunning == 0) && \result == waterLevel) && 1 == systemActive) && splverifierCounter == 0) && waterLevel == 1) [2022-07-12 06:20:00,664 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && !(\result == 0)) && \old(waterLevel) == waterLevel)) || !(2 <= \old(waterLevel))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || ((pumpRunning == 0 && !(\result == 0)) && waterLevel == 1)) [2022-07-12 06:20:00,664 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((waterLevel == tmp && pumpRunning == 0) && \result == waterLevel) && splverifierCounter == 0) && waterLevel == 1) || ((pumpRunning == 0 && 2 <= waterLevel) && splverifierCounter == 0) [2022-07-12 06:20:00,665 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (((pumpRunning == 0 && !(tmp == 0)) && !(\result == 0)) && waterLevel == 1)) && ((!(\old(pumpRunning) == 0) || (((pumpRunning == 0 && !(tmp == 0)) && !(\result == 0)) && \old(waterLevel) == waterLevel)) || !(2 <= \old(waterLevel))) [2022-07-12 06:20:00,665 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) [2022-07-12 06:20:00,665 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) [2022-07-12 06:20:00,665 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) [2022-07-12 06:20:00,665 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) [2022-07-12 06:20:00,682 INFO L141 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2022-07-12 06:20:00,683 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-07-12 06:20:00,683 INFO L158 Benchmark]: Toolchain (without parser) took 3692.08ms. Allocated memory was 111.1MB in the beginning and 169.9MB in the end (delta: 58.7MB). Free memory was 75.0MB in the beginning and 119.4MB in the end (delta: -44.4MB). Peak memory consumption was 13.9MB. Max. memory is 16.1GB. [2022-07-12 06:20:00,683 INFO L158 Benchmark]: CDTParser took 0.21ms. Allocated memory is still 111.1MB. Free memory was 83.4MB in the beginning and 83.3MB in the end (delta: 27.1kB). There was no memory consumed. Max. memory is 16.1GB. [2022-07-12 06:20:00,683 INFO L158 Benchmark]: CACSL2BoogieTranslator took 324.65ms. Allocated memory is still 111.1MB. Free memory was 74.7MB in the beginning and 78.2MB in the end (delta: -3.5MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. [2022-07-12 06:20:00,684 INFO L158 Benchmark]: Boogie Procedure Inliner took 37.67ms. Allocated memory is still 111.1MB. Free memory was 78.2MB in the beginning and 76.1MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-07-12 06:20:00,684 INFO L158 Benchmark]: Boogie Preprocessor took 30.33ms. Allocated memory is still 111.1MB. Free memory was 76.1MB in the beginning and 74.6MB in the end (delta: 1.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-07-12 06:20:00,685 INFO L158 Benchmark]: RCFGBuilder took 322.71ms. Allocated memory is still 111.1MB. Free memory was 74.6MB in the beginning and 58.7MB in the end (delta: 15.9MB). Peak memory consumption was 14.7MB. Max. memory is 16.1GB. [2022-07-12 06:20:00,685 INFO L158 Benchmark]: TraceAbstraction took 2923.59ms. Allocated memory was 111.1MB in the beginning and 169.9MB in the end (delta: 58.7MB). Free memory was 58.4MB in the beginning and 124.6MB in the end (delta: -66.2MB). Peak memory consumption was 52.3MB. Max. memory is 16.1GB. [2022-07-12 06:20:00,685 INFO L158 Benchmark]: Witness Printer took 48.02ms. Allocated memory is still 169.9MB. Free memory was 124.6MB in the beginning and 119.4MB in the end (delta: 5.2MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2022-07-12 06:20:00,687 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.21ms. Allocated memory is still 111.1MB. Free memory was 83.4MB in the beginning and 83.3MB in the end (delta: 27.1kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 324.65ms. Allocated memory is still 111.1MB. Free memory was 74.7MB in the beginning and 78.2MB in the end (delta: -3.5MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 37.67ms. Allocated memory is still 111.1MB. Free memory was 78.2MB in the beginning and 76.1MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 30.33ms. Allocated memory is still 111.1MB. Free memory was 76.1MB in the beginning and 74.6MB in the end (delta: 1.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 322.71ms. Allocated memory is still 111.1MB. Free memory was 74.6MB in the beginning and 58.7MB in the end (delta: 15.9MB). Peak memory consumption was 14.7MB. Max. memory is 16.1GB. * TraceAbstraction took 2923.59ms. Allocated memory was 111.1MB in the beginning and 169.9MB in the end (delta: 58.7MB). Free memory was 58.4MB in the beginning and 124.6MB in the end (delta: -66.2MB). Peak memory consumption was 52.3MB. Max. memory is 16.1GB. * Witness Printer took 48.02ms. Allocated memory is still 169.9MB. Free memory was 124.6MB in the beginning and 119.4MB in the end (delta: 5.2MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 653]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 7 procedures, 77 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 2.9s, OverallIterations: 6, TraceHistogramMax: 2, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 0.7s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.8s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 549 SdHoareTripleChecker+Valid, 0.3s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 545 mSDsluCounter, 1579 SdHoareTripleChecker+Invalid, 0.2s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 1114 mSDsCounter, 99 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 405 IncrementalHoareTripleChecker+Invalid, 504 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 99 mSolverCounterUnsat, 465 mSDtfsCounter, 405 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 153 GetRequests, 114 SyntacticMatches, 1 SemanticMatches, 38 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 60 ImplicationChecksByTransitivity, 0.2s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=378occurred in iteration=4, InterpolantAutomatonStates: 32, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.1s AutomataMinimizationTime, 6 MinimizatonAttempts, 43 StatesRemovedByMinimization, 3 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 36 LocationsWithAnnotation, 486 PreInvPairs, 546 NumberOfFragments, 523 HoareAnnotationTreeSize, 486 FomulaSimplifications, 289 FormulaSimplificationTreeSizeReduction, 0.1s HoareSimplificationTime, 36 FomulaSimplificationsInter, 2313 FormulaSimplificationTreeSizeReductionInter, 0.6s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.1s SatisfiabilityAnalysisTime, 0.7s InterpolantComputationTime, 230 NumberOfCodeBlocks, 230 NumberOfCodeBlocksAsserted, 7 NumberOfCheckSat, 276 ConstructedInterpolants, 0 QuantifiedInterpolants, 753 SizeOfPredicates, 0 NumberOfNonLiveVariables, 370 ConjunctsInSsa, 9 ConjunctsInUnsatCore, 8 InterpolantComputations, 5 PerfectInterpolantSequences, 51/57 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 873]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 249]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 97]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) - InvariantResult [Line: 174]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) - InvariantResult [Line: 659]: Loop Invariant Derived loop invariant: ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (((pumpRunning == 0 && !(tmp == 0)) && !(\result == 0)) && waterLevel == 1)) && ((!(\old(pumpRunning) == 0) || (((pumpRunning == 0 && !(tmp == 0)) && !(\result == 0)) && \old(waterLevel) == waterLevel)) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 78]: Loop Invariant Derived loop invariant: ((pumpRunning == 0 && 1 == systemActive) && \result == systemActive) && waterLevel == 1 - InvariantResult [Line: 855]: Loop Invariant Derived loop invariant: (((pumpRunning == 0 && 2 <= waterLevel) && 1 == systemActive) && splverifierCounter == 0) || (((((waterLevel == tmp && pumpRunning == 0) && \result == waterLevel) && 1 == systemActive) && splverifierCounter == 0) && waterLevel == 1) - InvariantResult [Line: 64]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 165]: Loop Invariant Derived loop invariant: ((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && !(\result == 0)) && \old(waterLevel) == waterLevel)) || !(2 <= \old(waterLevel))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || ((pumpRunning == 0 && !(\result == 0)) && waterLevel == 1)) - InvariantResult [Line: 776]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) - InvariantResult [Line: 724]: Loop Invariant Derived loop invariant: ((((pumpRunning == 0 && waterLevel == 1) && !(0 == systemActive)) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) && ((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && !(0 == systemActive))) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 649]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) - InvariantResult [Line: 874]: Loop Invariant Derived loop invariant: ((((waterLevel == tmp && pumpRunning == 0) && \result == waterLevel) && splverifierCounter == 0) && waterLevel == 1) || ((pumpRunning == 0 && 2 <= waterLevel) && splverifierCounter == 0) - InvariantResult [Line: 821]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) - InvariantResult [Line: 71]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 241]: Loop Invariant Derived loop invariant: (((tmp == systemActive && pumpRunning == 0) && 1 == systemActive) && \result == systemActive) && waterLevel == 1 - InvariantResult [Line: 196]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 864]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 186]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 840]: Loop Invariant Derived loop invariant: ((((waterLevel == tmp && pumpRunning == 0) && \result == waterLevel) && splverifierCounter == 0) && waterLevel == 1) || ((pumpRunning == 0 && 2 <= waterLevel) && splverifierCounter == 0) - InvariantResult [Line: 259]: Loop Invariant Derived loop invariant: 1 RESULT: Ultimate proved your program to be correct! [2022-07-12 06:20:00,720 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE