./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec4_product06.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 791161d1 Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec4_product06.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 02f348a1765e9ec5744c77eeefa530e23dc9cfba8d17cca10f5e72556b3df984 --- Real Ultimate output --- This is Ultimate 0.2.2-?-791161d [2022-07-22 17:38:47,161 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-07-22 17:38:47,162 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-07-22 17:38:47,190 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-07-22 17:38:47,193 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-07-22 17:38:47,194 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-07-22 17:38:47,198 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-07-22 17:38:47,202 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-07-22 17:38:47,203 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-07-22 17:38:47,208 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-07-22 17:38:47,209 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-07-22 17:38:47,209 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-07-22 17:38:47,210 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-07-22 17:38:47,211 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-07-22 17:38:47,212 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-07-22 17:38:47,214 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-07-22 17:38:47,216 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-07-22 17:38:47,216 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-07-22 17:38:47,218 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-07-22 17:38:47,221 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-07-22 17:38:47,224 INFO L181 SettingsManager]: Resetting HornVerifier preferences to default values [2022-07-22 17:38:47,226 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-07-22 17:38:47,226 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-07-22 17:38:47,227 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-07-22 17:38:47,227 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-07-22 17:38:47,230 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-07-22 17:38:47,231 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-07-22 17:38:47,231 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-07-22 17:38:47,232 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-07-22 17:38:47,232 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-07-22 17:38:47,233 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-07-22 17:38:47,234 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-07-22 17:38:47,234 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-07-22 17:38:47,235 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-07-22 17:38:47,236 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-07-22 17:38:47,236 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-07-22 17:38:47,236 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-07-22 17:38:47,237 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-07-22 17:38:47,237 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-07-22 17:38:47,237 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-07-22 17:38:47,238 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-07-22 17:38:47,239 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-07-22 17:38:47,240 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2022-07-22 17:38:47,267 INFO L113 SettingsManager]: Loading preferences was successful [2022-07-22 17:38:47,269 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-07-22 17:38:47,269 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-07-22 17:38:47,269 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-07-22 17:38:47,270 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-07-22 17:38:47,270 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-07-22 17:38:47,270 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-07-22 17:38:47,270 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-07-22 17:38:47,270 INFO L138 SettingsManager]: * Use SBE=true [2022-07-22 17:38:47,271 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-07-22 17:38:47,271 INFO L138 SettingsManager]: * sizeof long=4 [2022-07-22 17:38:47,272 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-07-22 17:38:47,272 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-07-22 17:38:47,272 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-07-22 17:38:47,272 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-07-22 17:38:47,272 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-07-22 17:38:47,272 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-07-22 17:38:47,272 INFO L138 SettingsManager]: * sizeof long double=12 [2022-07-22 17:38:47,272 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-07-22 17:38:47,274 INFO L138 SettingsManager]: * Use constant arrays=true [2022-07-22 17:38:47,274 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-07-22 17:38:47,274 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-07-22 17:38:47,274 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-07-22 17:38:47,274 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-07-22 17:38:47,275 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-07-22 17:38:47,275 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-07-22 17:38:47,275 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-07-22 17:38:47,275 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-07-22 17:38:47,275 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-07-22 17:38:47,275 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-07-22 17:38:47,276 INFO L138 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2022-07-22 17:38:47,276 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-07-22 17:38:47,276 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-07-22 17:38:47,276 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 02f348a1765e9ec5744c77eeefa530e23dc9cfba8d17cca10f5e72556b3df984 [2022-07-22 17:38:47,458 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-07-22 17:38:47,476 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-07-22 17:38:47,478 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-07-22 17:38:47,479 INFO L271 PluginConnector]: Initializing CDTParser... [2022-07-22 17:38:47,480 INFO L275 PluginConnector]: CDTParser initialized [2022-07-22 17:38:47,481 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec4_product06.cil.c [2022-07-22 17:38:47,521 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/24c547e6b/9920197784cb40d59411036a8c808fde/FLAG6de159ba7 [2022-07-22 17:38:47,906 INFO L306 CDTParser]: Found 1 translation units. [2022-07-22 17:38:47,907 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_product06.cil.c [2022-07-22 17:38:47,914 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/24c547e6b/9920197784cb40d59411036a8c808fde/FLAG6de159ba7 [2022-07-22 17:38:47,924 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/24c547e6b/9920197784cb40d59411036a8c808fde [2022-07-22 17:38:47,926 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-07-22 17:38:47,927 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-07-22 17:38:47,928 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-07-22 17:38:47,929 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-07-22 17:38:47,939 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-07-22 17:38:47,940 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 22.07 05:38:47" (1/1) ... [2022-07-22 17:38:47,941 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@5e7e6995 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:47, skipping insertion in model container [2022-07-22 17:38:47,941 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 22.07 05:38:47" (1/1) ... [2022-07-22 17:38:47,945 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-07-22 17:38:47,996 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-07-22 17:38:48,259 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_product06.cil.c[17188,17201] [2022-07-22 17:38:48,276 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-07-22 17:38:48,282 INFO L203 MainTranslator]: Completed pre-run [2022-07-22 17:38:48,325 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_product06.cil.c[17188,17201] [2022-07-22 17:38:48,326 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-07-22 17:38:48,338 INFO L208 MainTranslator]: Completed translation [2022-07-22 17:38:48,338 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:48 WrapperNode [2022-07-22 17:38:48,338 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-07-22 17:38:48,339 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-07-22 17:38:48,340 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-07-22 17:38:48,340 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-07-22 17:38:48,346 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:48" (1/1) ... [2022-07-22 17:38:48,356 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:48" (1/1) ... [2022-07-22 17:38:48,374 INFO L137 Inliner]: procedures = 51, calls = 149, calls flagged for inlining = 21, calls inlined = 18, statements flattened = 216 [2022-07-22 17:38:48,378 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-07-22 17:38:48,379 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-07-22 17:38:48,379 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-07-22 17:38:48,379 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-07-22 17:38:48,385 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:48" (1/1) ... [2022-07-22 17:38:48,386 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:48" (1/1) ... [2022-07-22 17:38:48,395 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:48" (1/1) ... [2022-07-22 17:38:48,396 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:48" (1/1) ... [2022-07-22 17:38:48,404 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:48" (1/1) ... [2022-07-22 17:38:48,413 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:48" (1/1) ... [2022-07-22 17:38:48,428 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:48" (1/1) ... [2022-07-22 17:38:48,430 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-07-22 17:38:48,430 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-07-22 17:38:48,430 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-07-22 17:38:48,430 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-07-22 17:38:48,431 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:48" (1/1) ... [2022-07-22 17:38:48,437 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-07-22 17:38:48,449 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-07-22 17:38:48,459 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-07-22 17:38:48,461 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-07-22 17:38:48,487 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-07-22 17:38:48,487 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-07-22 17:38:48,487 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-07-22 17:38:48,488 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-07-22 17:38:48,488 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-07-22 17:38:48,488 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-07-22 17:38:48,488 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-07-22 17:38:48,489 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-07-22 17:38:48,489 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-07-22 17:38:48,489 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-07-22 17:38:48,490 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-07-22 17:38:48,490 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-07-22 17:38:48,490 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-07-22 17:38:48,490 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-07-22 17:38:48,536 INFO L234 CfgBuilder]: Building ICFG [2022-07-22 17:38:48,542 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-07-22 17:38:48,721 INFO L275 CfgBuilder]: Performing block encoding [2022-07-22 17:38:48,726 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-07-22 17:38:48,726 INFO L299 CfgBuilder]: Removed 2 assume(true) statements. [2022-07-22 17:38:48,728 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 22.07 05:38:48 BoogieIcfgContainer [2022-07-22 17:38:48,728 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-07-22 17:38:48,729 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-07-22 17:38:48,729 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-07-22 17:38:48,732 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-07-22 17:38:48,732 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 22.07 05:38:47" (1/3) ... [2022-07-22 17:38:48,732 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@6475b296 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 22.07 05:38:48, skipping insertion in model container [2022-07-22 17:38:48,733 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:48" (2/3) ... [2022-07-22 17:38:48,733 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@6475b296 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 22.07 05:38:48, skipping insertion in model container [2022-07-22 17:38:48,733 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 22.07 05:38:48" (3/3) ... [2022-07-22 17:38:48,734 INFO L111 eAbstractionObserver]: Analyzing ICFG minepump_spec4_product06.cil.c [2022-07-22 17:38:48,744 INFO L201 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-07-22 17:38:48,745 INFO L160 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-07-22 17:38:48,788 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-07-22 17:38:48,793 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=de.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings@2e6af7c5, mLbeIndependenceSettings=de.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings@5ec14b8f [2022-07-22 17:38:48,794 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-07-22 17:38:48,797 INFO L276 IsEmpty]: Start isEmpty. Operand has 68 states, 53 states have (on average 1.3962264150943395) internal successors, (74), 59 states have internal predecessors, (74), 8 states have call successors, (8), 5 states have call predecessors, (8), 5 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) [2022-07-22 17:38:48,803 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 20 [2022-07-22 17:38:48,804 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:38:48,804 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:38:48,805 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:38:48,809 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:38:48,810 INFO L85 PathProgramCache]: Analyzing trace with hash -1379054688, now seen corresponding path program 1 times [2022-07-22 17:38:48,816 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:38:48,816 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1827617309] [2022-07-22 17:38:48,816 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:38:48,817 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:38:48,932 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:49,022 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-22 17:38:49,025 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:38:49,026 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1827617309] [2022-07-22 17:38:49,026 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1827617309] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:38:49,027 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:38:49,027 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-07-22 17:38:49,028 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1941787913] [2022-07-22 17:38:49,029 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:38:49,033 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-07-22 17:38:49,034 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:38:49,060 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-07-22 17:38:49,061 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-07-22 17:38:49,063 INFO L87 Difference]: Start difference. First operand has 68 states, 53 states have (on average 1.3962264150943395) internal successors, (74), 59 states have internal predecessors, (74), 8 states have call successors, (8), 5 states have call predecessors, (8), 5 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) Second operand has 2 states, 2 states have (on average 8.5) internal successors, (17), 2 states have internal predecessors, (17), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-22 17:38:49,091 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:38:49,092 INFO L93 Difference]: Finished difference Result 128 states and 175 transitions. [2022-07-22 17:38:49,093 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-07-22 17:38:49,094 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 8.5) internal successors, (17), 2 states have internal predecessors, (17), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 19 [2022-07-22 17:38:49,094 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:38:49,113 INFO L225 Difference]: With dead ends: 128 [2022-07-22 17:38:49,114 INFO L226 Difference]: Without dead ends: 59 [2022-07-22 17:38:49,117 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-07-22 17:38:49,123 INFO L413 NwaCegarLoop]: 84 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 84 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-22 17:38:49,124 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 84 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-22 17:38:49,136 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 59 states. [2022-07-22 17:38:49,149 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 59 to 59. [2022-07-22 17:38:49,151 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 59 states, 46 states have (on average 1.3043478260869565) internal successors, (60), 51 states have internal predecessors, (60), 8 states have call successors, (8), 5 states have call predecessors, (8), 4 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2022-07-22 17:38:49,152 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 59 states to 59 states and 75 transitions. [2022-07-22 17:38:49,153 INFO L78 Accepts]: Start accepts. Automaton has 59 states and 75 transitions. Word has length 19 [2022-07-22 17:38:49,153 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:38:49,153 INFO L495 AbstractCegarLoop]: Abstraction has 59 states and 75 transitions. [2022-07-22 17:38:49,154 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 8.5) internal successors, (17), 2 states have internal predecessors, (17), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-22 17:38:49,154 INFO L276 IsEmpty]: Start isEmpty. Operand 59 states and 75 transitions. [2022-07-22 17:38:49,155 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 21 [2022-07-22 17:38:49,155 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:38:49,156 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:38:49,156 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-07-22 17:38:49,156 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:38:49,157 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:38:49,157 INFO L85 PathProgramCache]: Analyzing trace with hash -320924759, now seen corresponding path program 1 times [2022-07-22 17:38:49,157 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:38:49,157 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1858363305] [2022-07-22 17:38:49,157 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:38:49,158 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:38:49,177 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:49,209 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-22 17:38:49,209 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:38:49,210 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1858363305] [2022-07-22 17:38:49,210 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1858363305] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:38:49,210 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:38:49,210 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-07-22 17:38:49,210 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1457293370] [2022-07-22 17:38:49,210 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:38:49,211 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-07-22 17:38:49,211 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:38:49,212 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-07-22 17:38:49,212 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-22 17:38:49,212 INFO L87 Difference]: Start difference. First operand 59 states and 75 transitions. Second operand has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-22 17:38:49,221 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:38:49,221 INFO L93 Difference]: Finished difference Result 83 states and 105 transitions. [2022-07-22 17:38:49,222 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-07-22 17:38:49,222 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 20 [2022-07-22 17:38:49,222 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:38:49,223 INFO L225 Difference]: With dead ends: 83 [2022-07-22 17:38:49,223 INFO L226 Difference]: Without dead ends: 50 [2022-07-22 17:38:49,223 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-22 17:38:49,224 INFO L413 NwaCegarLoop]: 62 mSDtfsCounter, 13 mSDsluCounter, 45 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 16 SdHoareTripleChecker+Valid, 107 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-22 17:38:49,225 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [16 Valid, 107 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-22 17:38:49,225 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 50 states. [2022-07-22 17:38:49,229 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 50 to 50. [2022-07-22 17:38:49,230 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 50 states, 40 states have (on average 1.325) internal successors, (53), 45 states have internal predecessors, (53), 5 states have call successors, (5), 4 states have call predecessors, (5), 4 states have return successors, (5), 4 states have call predecessors, (5), 5 states have call successors, (5) [2022-07-22 17:38:49,230 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 50 states to 50 states and 63 transitions. [2022-07-22 17:38:49,231 INFO L78 Accepts]: Start accepts. Automaton has 50 states and 63 transitions. Word has length 20 [2022-07-22 17:38:49,231 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:38:49,231 INFO L495 AbstractCegarLoop]: Abstraction has 50 states and 63 transitions. [2022-07-22 17:38:49,231 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-22 17:38:49,231 INFO L276 IsEmpty]: Start isEmpty. Operand 50 states and 63 transitions. [2022-07-22 17:38:49,232 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2022-07-22 17:38:49,232 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:38:49,232 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:38:49,232 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-07-22 17:38:49,233 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:38:49,233 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:38:49,233 INFO L85 PathProgramCache]: Analyzing trace with hash -810441205, now seen corresponding path program 1 times [2022-07-22 17:38:49,233 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:38:49,234 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1868957318] [2022-07-22 17:38:49,234 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:38:49,234 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:38:49,252 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:49,285 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-22 17:38:49,285 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:38:49,285 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1868957318] [2022-07-22 17:38:49,285 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1868957318] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:38:49,286 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:38:49,286 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-07-22 17:38:49,286 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [951011667] [2022-07-22 17:38:49,286 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:38:49,286 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-07-22 17:38:49,287 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:38:49,287 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-07-22 17:38:49,287 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-07-22 17:38:49,287 INFO L87 Difference]: Start difference. First operand 50 states and 63 transitions. Second operand has 5 states, 5 states have (on average 4.8) internal successors, (24), 5 states have internal predecessors, (24), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-22 17:38:49,338 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:38:49,338 INFO L93 Difference]: Finished difference Result 93 states and 120 transitions. [2022-07-22 17:38:49,338 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-07-22 17:38:49,339 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 4.8) internal successors, (24), 5 states have internal predecessors, (24), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 25 [2022-07-22 17:38:49,339 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:38:49,339 INFO L225 Difference]: With dead ends: 93 [2022-07-22 17:38:49,340 INFO L226 Difference]: Without dead ends: 50 [2022-07-22 17:38:49,340 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2022-07-22 17:38:49,341 INFO L413 NwaCegarLoop]: 56 mSDtfsCounter, 88 mSDsluCounter, 80 mSDsCounter, 0 mSdLazyCounter, 9 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 88 SdHoareTripleChecker+Valid, 136 SdHoareTripleChecker+Invalid, 18 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 9 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-22 17:38:49,342 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [88 Valid, 136 Invalid, 18 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 9 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-22 17:38:49,343 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 50 states. [2022-07-22 17:38:49,348 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 50 to 50. [2022-07-22 17:38:49,351 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 50 states, 40 states have (on average 1.3) internal successors, (52), 45 states have internal predecessors, (52), 5 states have call successors, (5), 4 states have call predecessors, (5), 4 states have return successors, (5), 4 states have call predecessors, (5), 5 states have call successors, (5) [2022-07-22 17:38:49,353 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 50 states to 50 states and 62 transitions. [2022-07-22 17:38:49,354 INFO L78 Accepts]: Start accepts. Automaton has 50 states and 62 transitions. Word has length 25 [2022-07-22 17:38:49,355 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:38:49,355 INFO L495 AbstractCegarLoop]: Abstraction has 50 states and 62 transitions. [2022-07-22 17:38:49,355 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 4.8) internal successors, (24), 5 states have internal predecessors, (24), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-22 17:38:49,355 INFO L276 IsEmpty]: Start isEmpty. Operand 50 states and 62 transitions. [2022-07-22 17:38:49,356 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2022-07-22 17:38:49,356 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:38:49,356 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:38:49,357 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-07-22 17:38:49,357 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:38:49,357 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:38:49,360 INFO L85 PathProgramCache]: Analyzing trace with hash 475641660, now seen corresponding path program 1 times [2022-07-22 17:38:49,361 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:38:49,362 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [796436747] [2022-07-22 17:38:49,367 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:38:49,367 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:38:49,381 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:49,463 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2022-07-22 17:38:49,465 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:49,466 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-22 17:38:49,466 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:38:49,466 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [796436747] [2022-07-22 17:38:49,466 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [796436747] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:38:49,466 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:38:49,467 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2022-07-22 17:38:49,467 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1949823785] [2022-07-22 17:38:49,467 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:38:49,469 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-07-22 17:38:49,469 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:38:49,470 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-07-22 17:38:49,470 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=14, Invalid=42, Unknown=0, NotChecked=0, Total=56 [2022-07-22 17:38:49,470 INFO L87 Difference]: Start difference. First operand 50 states and 62 transitions. Second operand has 8 states, 8 states have (on average 3.375) internal successors, (27), 8 states have internal predecessors, (27), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-07-22 17:38:49,646 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:38:49,646 INFO L93 Difference]: Finished difference Result 171 states and 229 transitions. [2022-07-22 17:38:49,647 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2022-07-22 17:38:49,647 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 3.375) internal successors, (27), 8 states have internal predecessors, (27), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2022-07-22 17:38:49,648 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:38:49,650 INFO L225 Difference]: With dead ends: 171 [2022-07-22 17:38:49,651 INFO L226 Difference]: Without dead ends: 128 [2022-07-22 17:38:49,654 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 15 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=51, Invalid=131, Unknown=0, NotChecked=0, Total=182 [2022-07-22 17:38:49,656 INFO L413 NwaCegarLoop]: 65 mSDtfsCounter, 147 mSDsluCounter, 318 mSDsCounter, 0 mSdLazyCounter, 102 mSolverCounterSat, 22 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 147 SdHoareTripleChecker+Valid, 383 SdHoareTripleChecker+Invalid, 124 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 22 IncrementalHoareTripleChecker+Valid, 102 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-07-22 17:38:49,656 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [147 Valid, 383 Invalid, 124 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [22 Valid, 102 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-07-22 17:38:49,657 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 128 states. [2022-07-22 17:38:49,672 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 128 to 123. [2022-07-22 17:38:49,672 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 123 states, 97 states have (on average 1.2989690721649485) internal successors, (126), 109 states have internal predecessors, (126), 14 states have call successors, (14), 11 states have call predecessors, (14), 11 states have return successors, (17), 11 states have call predecessors, (17), 14 states have call successors, (17) [2022-07-22 17:38:49,673 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 123 states to 123 states and 157 transitions. [2022-07-22 17:38:49,673 INFO L78 Accepts]: Start accepts. Automaton has 123 states and 157 transitions. Word has length 30 [2022-07-22 17:38:49,674 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:38:49,674 INFO L495 AbstractCegarLoop]: Abstraction has 123 states and 157 transitions. [2022-07-22 17:38:49,674 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 3.375) internal successors, (27), 8 states have internal predecessors, (27), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-07-22 17:38:49,674 INFO L276 IsEmpty]: Start isEmpty. Operand 123 states and 157 transitions. [2022-07-22 17:38:49,675 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2022-07-22 17:38:49,675 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:38:49,675 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:38:49,675 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-07-22 17:38:49,675 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:38:49,676 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:38:49,676 INFO L85 PathProgramCache]: Analyzing trace with hash 557208599, now seen corresponding path program 1 times [2022-07-22 17:38:49,676 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:38:49,676 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [513102940] [2022-07-22 17:38:49,676 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:38:49,676 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:38:49,699 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:49,735 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2022-07-22 17:38:49,737 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:49,740 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-22 17:38:49,740 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:38:49,740 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [513102940] [2022-07-22 17:38:49,740 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [513102940] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:38:49,740 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:38:49,741 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-07-22 17:38:49,742 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [227716756] [2022-07-22 17:38:49,742 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:38:49,742 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-07-22 17:38:49,742 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:38:49,743 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-07-22 17:38:49,743 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-22 17:38:49,744 INFO L87 Difference]: Start difference. First operand 123 states and 157 transitions. Second operand has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 3 states have internal predecessors, (29), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-07-22 17:38:49,766 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:38:49,766 INFO L93 Difference]: Finished difference Result 219 states and 282 transitions. [2022-07-22 17:38:49,767 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-07-22 17:38:49,768 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 3 states have internal predecessors, (29), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 32 [2022-07-22 17:38:49,768 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:38:49,771 INFO L225 Difference]: With dead ends: 219 [2022-07-22 17:38:49,771 INFO L226 Difference]: Without dead ends: 103 [2022-07-22 17:38:49,771 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-22 17:38:49,772 INFO L413 NwaCegarLoop]: 47 mSDtfsCounter, 33 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 33 SdHoareTripleChecker+Valid, 47 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-22 17:38:49,772 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [33 Valid, 47 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-22 17:38:49,773 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 103 states. [2022-07-22 17:38:49,780 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 103 to 103. [2022-07-22 17:38:49,780 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 103 states, 80 states have (on average 1.225) internal successors, (98), 86 states have internal predecessors, (98), 11 states have call successors, (11), 11 states have call predecessors, (11), 11 states have return successors, (12), 11 states have call predecessors, (12), 11 states have call successors, (12) [2022-07-22 17:38:49,781 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 103 states to 103 states and 121 transitions. [2022-07-22 17:38:49,781 INFO L78 Accepts]: Start accepts. Automaton has 103 states and 121 transitions. Word has length 32 [2022-07-22 17:38:49,781 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:38:49,781 INFO L495 AbstractCegarLoop]: Abstraction has 103 states and 121 transitions. [2022-07-22 17:38:49,781 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 3 states have internal predecessors, (29), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-07-22 17:38:49,781 INFO L276 IsEmpty]: Start isEmpty. Operand 103 states and 121 transitions. [2022-07-22 17:38:49,782 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 62 [2022-07-22 17:38:49,782 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:38:49,783 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:38:49,783 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-07-22 17:38:49,788 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:38:49,788 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:38:49,788 INFO L85 PathProgramCache]: Analyzing trace with hash -1600959184, now seen corresponding path program 1 times [2022-07-22 17:38:49,788 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:38:49,788 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1828754566] [2022-07-22 17:38:49,789 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:38:49,789 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:38:49,829 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:49,888 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2022-07-22 17:38:49,891 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:49,903 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2022-07-22 17:38:49,909 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:49,921 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2022-07-22 17:38:49,922 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:49,923 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 38 [2022-07-22 17:38:49,924 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:49,925 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 51 [2022-07-22 17:38:49,926 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:49,927 INFO L134 CoverageAnalysis]: Checked inductivity of 24 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 23 trivial. 0 not checked. [2022-07-22 17:38:49,927 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:38:49,927 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1828754566] [2022-07-22 17:38:49,927 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1828754566] provided 0 perfect and 1 imperfect interpolant sequences [2022-07-22 17:38:49,928 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1557242211] [2022-07-22 17:38:49,928 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:38:49,928 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-07-22 17:38:49,928 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-07-22 17:38:49,929 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-07-22 17:38:49,959 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-07-22 17:38:50,024 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:50,041 INFO L263 TraceCheckSpWp]: Trace formula consists of 372 conjuncts, 9 conjunts are in the unsatisfiable core [2022-07-22 17:38:50,045 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-07-22 17:38:50,170 INFO L134 CoverageAnalysis]: Checked inductivity of 24 backedges. 21 proven. 2 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-07-22 17:38:50,170 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-07-22 17:38:50,361 INFO L134 CoverageAnalysis]: Checked inductivity of 24 backedges. 19 proven. 3 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-07-22 17:38:50,361 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1557242211] provided 0 perfect and 2 imperfect interpolant sequences [2022-07-22 17:38:50,361 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-07-22 17:38:50,361 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [7, 7, 8] total 15 [2022-07-22 17:38:50,361 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2000738411] [2022-07-22 17:38:50,361 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-07-22 17:38:50,363 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2022-07-22 17:38:50,363 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:38:50,363 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2022-07-22 17:38:50,363 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=48, Invalid=162, Unknown=0, NotChecked=0, Total=210 [2022-07-22 17:38:50,364 INFO L87 Difference]: Start difference. First operand 103 states and 121 transitions. Second operand has 15 states, 15 states have (on average 6.2) internal successors, (93), 12 states have internal predecessors, (93), 6 states have call successors, (15), 8 states have call predecessors, (15), 8 states have return successors, (12), 5 states have call predecessors, (12), 6 states have call successors, (12) [2022-07-22 17:38:50,532 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:38:50,532 INFO L93 Difference]: Finished difference Result 137 states and 161 transitions. [2022-07-22 17:38:50,533 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-07-22 17:38:50,533 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 15 states have (on average 6.2) internal successors, (93), 12 states have internal predecessors, (93), 6 states have call successors, (15), 8 states have call predecessors, (15), 8 states have return successors, (12), 5 states have call predecessors, (12), 6 states have call successors, (12) Word has length 61 [2022-07-22 17:38:50,533 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:38:50,533 INFO L225 Difference]: With dead ends: 137 [2022-07-22 17:38:50,533 INFO L226 Difference]: Without dead ends: 0 [2022-07-22 17:38:50,534 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 143 GetRequests, 124 SyntacticMatches, 1 SemanticMatches, 18 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 45 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=99, Invalid=281, Unknown=0, NotChecked=0, Total=380 [2022-07-22 17:38:50,534 INFO L413 NwaCegarLoop]: 65 mSDtfsCounter, 120 mSDsluCounter, 305 mSDsCounter, 0 mSdLazyCounter, 176 mSolverCounterSat, 52 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 120 SdHoareTripleChecker+Valid, 370 SdHoareTripleChecker+Invalid, 228 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 52 IncrementalHoareTripleChecker+Valid, 176 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-07-22 17:38:50,534 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [120 Valid, 370 Invalid, 228 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [52 Valid, 176 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-07-22 17:38:50,535 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-07-22 17:38:50,535 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-07-22 17:38:50,535 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-22 17:38:50,535 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-07-22 17:38:50,535 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 61 [2022-07-22 17:38:50,535 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:38:50,535 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-07-22 17:38:50,535 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 15 states have (on average 6.2) internal successors, (93), 12 states have internal predecessors, (93), 6 states have call successors, (15), 8 states have call predecessors, (15), 8 states have return successors, (12), 5 states have call predecessors, (12), 6 states have call successors, (12) [2022-07-22 17:38:50,535 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-07-22 17:38:50,535 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-07-22 17:38:50,537 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-07-22 17:38:50,566 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-07-22 17:38:50,767 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable5 [2022-07-22 17:38:50,768 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-07-22 17:38:51,368 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 296 302) no Hoare annotation was computed. [2022-07-22 17:38:51,369 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 296 302) the Hoare annotation is: true [2022-07-22 17:38:51,369 INFO L902 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 184 195) the Hoare annotation is: true [2022-07-22 17:38:51,369 INFO L899 garLoopResultBuilder]: For program point L188-1(lines 184 195) no Hoare annotation was computed. [2022-07-22 17:38:51,369 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 184 195) no Hoare annotation was computed. [2022-07-22 17:38:51,369 INFO L899 garLoopResultBuilder]: For program point L283-1(lines 283 289) no Hoare annotation was computed. [2022-07-22 17:38:51,369 INFO L899 garLoopResultBuilder]: For program point L312(lines 312 320) no Hoare annotation was computed. [2022-07-22 17:38:51,369 INFO L899 garLoopResultBuilder]: For program point L308(lines 308 325) no Hoare annotation was computed. [2022-07-22 17:38:51,369 INFO L899 garLoopResultBuilder]: For program point L882(line 882) no Hoare annotation was computed. [2022-07-22 17:38:51,369 INFO L895 garLoopResultBuilder]: At program point L201(lines 196 204) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|)) (= 0 ~systemActive~0)) [2022-07-22 17:38:51,369 INFO L899 garLoopResultBuilder]: For program point timeShiftFINAL(lines 272 295) no Hoare annotation was computed. [2022-07-22 17:38:51,369 INFO L899 garLoopResultBuilder]: For program point L164(lines 164 168) no Hoare annotation was computed. [2022-07-22 17:38:51,369 INFO L895 garLoopResultBuilder]: At program point L164-2(lines 160 171) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|)) (= 0 ~systemActive~0)) [2022-07-22 17:38:51,370 INFO L895 garLoopResultBuilder]: At program point L342(lines 337 344) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|)) (= 0 ~systemActive~0)) [2022-07-22 17:38:51,370 INFO L899 garLoopResultBuilder]: For program point L276-1(lines 275 294) no Hoare annotation was computed. [2022-07-22 17:38:51,370 INFO L895 garLoopResultBuilder]: At program point L883(lines 878 885) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|)) (= 0 ~systemActive~0)) [2022-07-22 17:38:51,370 INFO L895 garLoopResultBuilder]: At program point L318(line 318) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|)) (= 0 ~systemActive~0)) [2022-07-22 17:38:51,370 INFO L899 garLoopResultBuilder]: For program point L252(lines 252 258) no Hoare annotation was computed. [2022-07-22 17:38:51,370 INFO L899 garLoopResultBuilder]: For program point L248(lines 248 261) no Hoare annotation was computed. [2022-07-22 17:38:51,370 INFO L895 garLoopResultBuilder]: At program point L248-1(lines 240 264) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (not (= |timeShift_getWaterLevel_#res#1| 0))) (.cse3 (not (= |timeShift___utac_acc__Specification4_spec__1_~tmp~1#1| 0))) (.cse4 (= 0 ~systemActive~0))) (and (or .cse0 (and .cse1 .cse2 .cse3 (= ~waterLevel~0 1)) (not (= |old(~waterLevel~0)| 1)) .cse4) (or .cse0 (and .cse1 .cse2 .cse3 (= |old(~waterLevel~0)| ~waterLevel~0)) .cse4 (not (<= 2 |old(~waterLevel~0)|))))) [2022-07-22 17:38:51,370 INFO L895 garLoopResultBuilder]: At program point L323(line 323) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (= 0 ~systemActive~0))) (and (or .cse0 (and .cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) .cse2 (not (<= 2 |old(~waterLevel~0)|))) (or .cse0 (not (= |old(~waterLevel~0)| 1)) (and .cse1 (= ~waterLevel~0 1)) .cse2))) [2022-07-22 17:38:51,370 INFO L895 garLoopResultBuilder]: At program point L323-1(lines 304 328) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (= 0 ~systemActive~0))) (and (or .cse0 (and .cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) .cse2 (not (<= 2 |old(~waterLevel~0)|))) (or .cse0 (not (= |old(~waterLevel~0)| 1)) (and .cse1 (= ~waterLevel~0 1)) .cse2))) [2022-07-22 17:38:51,370 INFO L895 garLoopResultBuilder]: At program point L352(lines 345 355) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|)) (= 0 ~systemActive~0)) [2022-07-22 17:38:51,370 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 272 295) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (= 0 ~systemActive~0))) (and (or .cse0 (and .cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) .cse2 (not (<= 2 |old(~waterLevel~0)|))) (or .cse0 (not (= |old(~waterLevel~0)| 1)) (and .cse1 (= ~waterLevel~0 1)) .cse2))) [2022-07-22 17:38:51,370 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 272 295) no Hoare annotation was computed. [2022-07-22 17:38:51,370 INFO L895 garLoopResultBuilder]: At program point L233(lines 228 236) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (not (= |timeShift_getWaterLevel_#res#1| 0))) (.cse3 (= 0 ~systemActive~0))) (and (or .cse0 (and .cse1 .cse2 (= |old(~waterLevel~0)| ~waterLevel~0)) .cse3 (not (<= 2 |old(~waterLevel~0)|))) (or .cse0 (not (= |old(~waterLevel~0)| 1)) (and .cse1 .cse2 (= ~waterLevel~0 1)) .cse3))) [2022-07-22 17:38:51,371 INFO L895 garLoopResultBuilder]: At program point L361(lines 356 364) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|)) (= 0 ~systemActive~0)) [2022-07-22 17:38:51,371 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 882) no Hoare annotation was computed. [2022-07-22 17:38:51,371 INFO L902 garLoopResultBuilder]: At program point L66-1(lines 66 70) the Hoare annotation is: true [2022-07-22 17:38:51,371 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 52 81) no Hoare annotation was computed. [2022-07-22 17:38:51,371 INFO L899 garLoopResultBuilder]: For program point L63(line 63) no Hoare annotation was computed. [2022-07-22 17:38:51,371 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 52 81) the Hoare annotation is: true [2022-07-22 17:38:51,371 INFO L902 garLoopResultBuilder]: At program point L62-2(lines 62 76) the Hoare annotation is: true [2022-07-22 17:38:51,371 INFO L902 garLoopResultBuilder]: At program point L58(line 58) the Hoare annotation is: true [2022-07-22 17:38:51,371 INFO L899 garLoopResultBuilder]: For program point L58-1(line 58) no Hoare annotation was computed. [2022-07-22 17:38:51,371 INFO L902 garLoopResultBuilder]: At program point L77(lines 52 81) the Hoare annotation is: true [2022-07-22 17:38:51,371 INFO L899 garLoopResultBuilder]: For program point L73(line 73) no Hoare annotation was computed. [2022-07-22 17:38:51,371 INFO L899 garLoopResultBuilder]: For program point L66(lines 66 70) no Hoare annotation was computed. [2022-07-22 17:38:51,371 INFO L895 garLoopResultBuilder]: At program point L865(lines 861 867) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~waterLevel~0 1) (not (= 0 ~systemActive~0))) [2022-07-22 17:38:51,371 INFO L899 garLoopResultBuilder]: For program point L440(lines 440 446) no Hoare annotation was computed. [2022-07-22 17:38:51,371 INFO L899 garLoopResultBuilder]: For program point L440-1(lines 440 446) no Hoare annotation was computed. [2022-07-22 17:38:51,372 INFO L895 garLoopResultBuilder]: At program point L465(lines 420 467) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_valid_product_#res#1| 1)) (.cse2 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse4 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 .cse2 (<= 2 ~waterLevel~0) .cse3 .cse4) (and .cse0 .cse1 .cse2 .cse3 (= ~waterLevel~0 1) .cse4))) [2022-07-22 17:38:51,372 INFO L895 garLoopResultBuilder]: At program point L432(line 432) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_valid_product_#res#1| 1)) (.cse2 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse4 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 .cse2 (<= 2 ~waterLevel~0) .cse3 .cse4) (and .cse0 .cse1 .cse2 .cse3 (= ~waterLevel~0 1) .cse4))) [2022-07-22 17:38:51,372 INFO L899 garLoopResultBuilder]: For program point L-1(line -1) no Hoare annotation was computed. [2022-07-22 17:38:51,372 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startENTRY(line -1) no Hoare annotation was computed. [2022-07-22 17:38:51,372 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startFINAL(line -1) no Hoare annotation was computed. [2022-07-22 17:38:51,372 INFO L895 garLoopResultBuilder]: At program point L858(lines 854 860) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~waterLevel~0 1) (not (= 0 ~systemActive~0))) [2022-07-22 17:38:51,372 INFO L899 garLoopResultBuilder]: For program point L140(lines 140 147) no Hoare annotation was computed. [2022-07-22 17:38:51,372 INFO L899 garLoopResultBuilder]: For program point L458(lines 458 462) no Hoare annotation was computed. [2022-07-22 17:38:51,372 INFO L899 garLoopResultBuilder]: For program point L140-2(lines 140 147) no Hoare annotation was computed. [2022-07-22 17:38:51,372 INFO L895 garLoopResultBuilder]: At program point L458-2(lines 450 463) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_valid_product_#res#1| 1)) (.cse2 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse4 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 .cse2 (<= 2 ~waterLevel~0) .cse3 .cse4) (and .cse0 .cse1 .cse2 .cse3 (= ~waterLevel~0 1) .cse4))) [2022-07-22 17:38:51,372 INFO L899 garLoopResultBuilder]: For program point L421(lines 420 467) no Hoare annotation was computed. [2022-07-22 17:38:51,372 INFO L899 garLoopResultBuilder]: For program point L450(lines 450 463) no Hoare annotation was computed. [2022-07-22 17:38:51,372 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-07-22 17:38:51,372 INFO L902 garLoopResultBuilder]: At program point L124(lines 117 126) the Hoare annotation is: true [2022-07-22 17:38:51,372 INFO L895 garLoopResultBuilder]: At program point L442(line 442) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_valid_product_#res#1| 1)) (.cse2 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse4 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 .cse2 (<= 2 ~waterLevel~0) .cse3 .cse4) (and .cse0 .cse1 .cse2 .cse3 (= ~waterLevel~0 1) .cse4))) [2022-07-22 17:38:51,372 INFO L902 garLoopResultBuilder]: At program point L471(lines 410 475) the Hoare annotation is: true [2022-07-22 17:38:51,372 INFO L902 garLoopResultBuilder]: At program point L149(lines 130 152) the Hoare annotation is: true [2022-07-22 17:38:51,373 INFO L899 garLoopResultBuilder]: For program point L430(lines 430 436) no Hoare annotation was computed. [2022-07-22 17:38:51,373 INFO L899 garLoopResultBuilder]: For program point L430-1(lines 430 436) no Hoare annotation was computed. [2022-07-22 17:38:51,373 INFO L899 garLoopResultBuilder]: For program point L422(lines 422 426) no Hoare annotation was computed. [2022-07-22 17:38:51,373 INFO L895 garLoopResultBuilder]: At program point L406(lines 401 408) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_valid_product_#res#1| 1)) (.cse2 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse4 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 .cse2 (<= 2 ~waterLevel~0) .cse3 .cse4) (and .cse0 .cse1 .cse2 .cse3 (= ~waterLevel~0 1) .cse4))) [2022-07-22 17:38:51,373 INFO L895 garLoopResultBuilder]: At program point L468(lines 419 469) the Hoare annotation is: false [2022-07-22 17:38:51,373 INFO L895 garLoopResultBuilder]: At program point L113(lines 109 115) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_valid_product_#res#1| 1) (= |ULTIMATE.start_main_~tmp~0#1| 1) (= ~waterLevel~0 1) (not (= 0 ~systemActive~0))) [2022-07-22 17:38:51,373 INFO L895 garLoopResultBuilder]: At program point L873(lines 868 876) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_valid_product_#res#1| 1) (= ~waterLevel~0 1) (not (= 0 ~systemActive~0))) [2022-07-22 17:38:51,373 INFO L899 garLoopResultBuilder]: For program point L176-1(lines 172 183) no Hoare annotation was computed. [2022-07-22 17:38:51,373 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 172 183) no Hoare annotation was computed. [2022-07-22 17:38:51,373 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 172 183) the Hoare annotation is: (let ((.cse0 (not (= ~pumpRunning~0 0))) (.cse1 (= 0 ~systemActive~0))) (and (or .cse0 (= |old(~waterLevel~0)| ~waterLevel~0) .cse1 (not (<= 2 |old(~waterLevel~0)|))) (or .cse0 (not (= |old(~waterLevel~0)| 1)) .cse1 (= ~waterLevel~0 1)))) [2022-07-22 17:38:51,375 INFO L356 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1] [2022-07-22 17:38:51,377 INFO L176 ceAbstractionStarter]: Computing trace abstraction results [2022-07-22 17:38:51,390 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 22.07 05:38:51 BoogieIcfgContainer [2022-07-22 17:38:51,391 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-07-22 17:38:51,391 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-07-22 17:38:51,391 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-07-22 17:38:51,391 INFO L275 PluginConnector]: Witness Printer initialized [2022-07-22 17:38:51,391 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 22.07 05:38:48" (3/4) ... [2022-07-22 17:38:51,393 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-07-22 17:38:51,398 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-07-22 17:38:51,398 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-07-22 17:38:51,398 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-07-22 17:38:51,398 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-07-22 17:38:51,398 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-07-22 17:38:51,402 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 50 nodes and edges [2022-07-22 17:38:51,403 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 22 nodes and edges [2022-07-22 17:38:51,403 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 11 nodes and edges [2022-07-22 17:38:51,403 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-07-22 17:38:51,403 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 2 nodes and edges [2022-07-22 17:38:51,403 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-07-22 17:38:51,404 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-07-22 17:38:51,418 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((pumpRunning == 0 && \result == 1) && waterLevel == 1) && !(0 == systemActive) [2022-07-22 17:38:51,419 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((pumpRunning == 0 && \result == 1) && tmp == 1) && waterLevel == 1) && !(0 == systemActive) [2022-07-22 17:38:51,419 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((pumpRunning == 0 && \result == 1) && tmp == 1) && 2 <= waterLevel) && splverifierCounter == 0) && !(0 == systemActive)) || (((((pumpRunning == 0 && \result == 1) && tmp == 1) && splverifierCounter == 0) && waterLevel == 1) && !(0 == systemActive)) [2022-07-22 17:38:51,419 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (!(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel))) || 0 == systemActive [2022-07-22 17:38:51,419 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || 0 == systemActive) || !(2 <= \old(waterLevel))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (pumpRunning == 0 && waterLevel == 1)) || 0 == systemActive) [2022-07-22 17:38:51,420 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((pumpRunning == 0 && \result == 1) && tmp == 1) && 2 <= waterLevel) && splverifierCounter == 0) && !(0 == systemActive)) || (((((pumpRunning == 0 && \result == 1) && tmp == 1) && splverifierCounter == 0) && waterLevel == 1) && !(0 == systemActive)) [2022-07-22 17:38:51,420 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && !(\result == 0)) && \old(waterLevel) == waterLevel)) || 0 == systemActive) || !(2 <= \old(waterLevel))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || ((pumpRunning == 0 && !(\result == 0)) && waterLevel == 1)) || 0 == systemActive) [2022-07-22 17:38:51,420 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (!(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel))) || 0 == systemActive [2022-07-22 17:38:51,420 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(\old(pumpRunning) == 0) || (((pumpRunning == 0 && !(\result == 0)) && !(tmp == 0)) && waterLevel == 1)) || !(\old(waterLevel) == 1)) || 0 == systemActive) && (((!(\old(pumpRunning) == 0) || (((pumpRunning == 0 && !(\result == 0)) && !(tmp == 0)) && \old(waterLevel) == waterLevel)) || 0 == systemActive) || !(2 <= \old(waterLevel))) [2022-07-22 17:38:51,420 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (!(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel))) || 0 == systemActive [2022-07-22 17:38:51,420 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (!(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel))) || 0 == systemActive [2022-07-22 17:38:51,420 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (!(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel))) || 0 == systemActive [2022-07-22 17:38:51,420 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (!(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel))) || 0 == systemActive [2022-07-22 17:38:51,431 INFO L141 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2022-07-22 17:38:51,431 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-07-22 17:38:51,432 INFO L158 Benchmark]: Toolchain (without parser) took 3504.73ms. Allocated memory was 102.8MB in the beginning and 151.0MB in the end (delta: 48.2MB). Free memory was 61.7MB in the beginning and 57.7MB in the end (delta: 4.1MB). Peak memory consumption was 53.2MB. Max. memory is 16.1GB. [2022-07-22 17:38:51,432 INFO L158 Benchmark]: CDTParser took 0.21ms. Allocated memory is still 102.8MB. Free memory is still 78.8MB. There was no memory consumed. Max. memory is 16.1GB. [2022-07-22 17:38:51,432 INFO L158 Benchmark]: CACSL2BoogieTranslator took 410.38ms. Allocated memory is still 102.8MB. Free memory was 61.6MB in the beginning and 70.6MB in the end (delta: -9.0MB). Peak memory consumption was 4.4MB. Max. memory is 16.1GB. [2022-07-22 17:38:51,432 INFO L158 Benchmark]: Boogie Procedure Inliner took 39.10ms. Allocated memory is still 102.8MB. Free memory was 70.6MB in the beginning and 68.3MB in the end (delta: 2.3MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-07-22 17:38:51,432 INFO L158 Benchmark]: Boogie Preprocessor took 50.76ms. Allocated memory is still 102.8MB. Free memory was 68.3MB in the beginning and 66.8MB in the end (delta: 1.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-07-22 17:38:51,432 INFO L158 Benchmark]: RCFGBuilder took 297.79ms. Allocated memory is still 102.8MB. Free memory was 66.8MB in the beginning and 51.5MB in the end (delta: 15.3MB). Peak memory consumption was 14.7MB. Max. memory is 16.1GB. [2022-07-22 17:38:51,433 INFO L158 Benchmark]: TraceAbstraction took 2661.50ms. Allocated memory was 102.8MB in the beginning and 151.0MB in the end (delta: 48.2MB). Free memory was 50.9MB in the beginning and 63.0MB in the end (delta: -12.0MB). Peak memory consumption was 38.2MB. Max. memory is 16.1GB. [2022-07-22 17:38:51,433 INFO L158 Benchmark]: Witness Printer took 40.23ms. Allocated memory is still 151.0MB. Free memory was 63.0MB in the beginning and 57.7MB in the end (delta: 5.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2022-07-22 17:38:51,434 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.21ms. Allocated memory is still 102.8MB. Free memory is still 78.8MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 410.38ms. Allocated memory is still 102.8MB. Free memory was 61.6MB in the beginning and 70.6MB in the end (delta: -9.0MB). Peak memory consumption was 4.4MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 39.10ms. Allocated memory is still 102.8MB. Free memory was 70.6MB in the beginning and 68.3MB in the end (delta: 2.3MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 50.76ms. Allocated memory is still 102.8MB. Free memory was 68.3MB in the beginning and 66.8MB in the end (delta: 1.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 297.79ms. Allocated memory is still 102.8MB. Free memory was 66.8MB in the beginning and 51.5MB in the end (delta: 15.3MB). Peak memory consumption was 14.7MB. Max. memory is 16.1GB. * TraceAbstraction took 2661.50ms. Allocated memory was 102.8MB in the beginning and 151.0MB in the end (delta: 48.2MB). Free memory was 50.9MB in the beginning and 63.0MB in the end (delta: -12.0MB). Peak memory consumption was 38.2MB. Max. memory is 16.1GB. * Witness Printer took 40.23ms. Allocated memory is still 151.0MB. Free memory was 63.0MB in the beginning and 57.7MB in the end (delta: 5.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 882]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 6 procedures, 68 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 2.6s, OverallIterations: 6, TraceHistogramMax: 2, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 0.6s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.6s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 404 SdHoareTripleChecker+Valid, 0.2s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 401 mSDsluCounter, 1127 SdHoareTripleChecker+Invalid, 0.2s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 748 mSDsCounter, 84 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 291 IncrementalHoareTripleChecker+Invalid, 375 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 84 mSolverCounterUnsat, 379 mSDtfsCounter, 291 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 178 GetRequests, 140 SyntacticMatches, 1 SemanticMatches, 37 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 60 ImplicationChecksByTransitivity, 0.2s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=123occurred in iteration=4, InterpolantAutomatonStates: 31, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.1s AutomataMinimizationTime, 6 MinimizatonAttempts, 5 StatesRemovedByMinimization, 1 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 33 LocationsWithAnnotation, 227 PreInvPairs, 249 NumberOfFragments, 603 HoareAnnotationTreeSize, 227 FomulaSimplifications, 105 FormulaSimplificationTreeSizeReduction, 0.0s HoareSimplificationTime, 33 FomulaSimplificationsInter, 474 FormulaSimplificationTreeSizeReductionInter, 0.6s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 0.7s InterpolantComputationTime, 248 NumberOfCodeBlocks, 248 NumberOfCodeBlocksAsserted, 7 NumberOfCheckSat, 301 ConstructedInterpolants, 0 QuantifiedInterpolants, 760 SizeOfPredicates, 0 NumberOfNonLiveVariables, 372 ConjunctsInSsa, 9 ConjunctsInUnsatCore, 8 InterpolantComputations, 5 PerfectInterpolantSequences, 66/72 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 861]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && waterLevel == 1) && !(0 == systemActive) - InvariantResult [Line: 356]: Loop Invariant Derived loop invariant: (!(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel))) || 0 == systemActive - InvariantResult [Line: 304]: Loop Invariant Derived loop invariant: (((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || 0 == systemActive) || !(2 <= \old(waterLevel))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (pumpRunning == 0 && waterLevel == 1)) || 0 == systemActive) - InvariantResult [Line: 419]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 52]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 345]: Loop Invariant Derived loop invariant: (!(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel))) || 0 == systemActive - InvariantResult [Line: 878]: Loop Invariant Derived loop invariant: (!(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel))) || 0 == systemActive - InvariantResult [Line: 160]: Loop Invariant Derived loop invariant: (!(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel))) || 0 == systemActive - InvariantResult [Line: 240]: Loop Invariant Derived loop invariant: (((!(\old(pumpRunning) == 0) || (((pumpRunning == 0 && !(\result == 0)) && !(tmp == 0)) && waterLevel == 1)) || !(\old(waterLevel) == 1)) || 0 == systemActive) && (((!(\old(pumpRunning) == 0) || (((pumpRunning == 0 && !(\result == 0)) && !(tmp == 0)) && \old(waterLevel) == waterLevel)) || 0 == systemActive) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 401]: Loop Invariant Derived loop invariant: (((((pumpRunning == 0 && \result == 1) && tmp == 1) && 2 <= waterLevel) && splverifierCounter == 0) && !(0 == systemActive)) || (((((pumpRunning == 0 && \result == 1) && tmp == 1) && splverifierCounter == 0) && waterLevel == 1) && !(0 == systemActive)) - InvariantResult [Line: 337]: Loop Invariant Derived loop invariant: (!(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel))) || 0 == systemActive - InvariantResult [Line: 854]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && waterLevel == 1) && !(0 == systemActive) - InvariantResult [Line: 868]: Loop Invariant Derived loop invariant: ((pumpRunning == 0 && \result == 1) && waterLevel == 1) && !(0 == systemActive) - InvariantResult [Line: 130]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 410]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 109]: Loop Invariant Derived loop invariant: (((pumpRunning == 0 && \result == 1) && tmp == 1) && waterLevel == 1) && !(0 == systemActive) - InvariantResult [Line: 420]: Loop Invariant Derived loop invariant: (((((pumpRunning == 0 && \result == 1) && tmp == 1) && 2 <= waterLevel) && splverifierCounter == 0) && !(0 == systemActive)) || (((((pumpRunning == 0 && \result == 1) && tmp == 1) && splverifierCounter == 0) && waterLevel == 1) && !(0 == systemActive)) - InvariantResult [Line: 62]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 117]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 228]: Loop Invariant Derived loop invariant: (((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && !(\result == 0)) && \old(waterLevel) == waterLevel)) || 0 == systemActive) || !(2 <= \old(waterLevel))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || ((pumpRunning == 0 && !(\result == 0)) && waterLevel == 1)) || 0 == systemActive) - InvariantResult [Line: 196]: Loop Invariant Derived loop invariant: (!(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel))) || 0 == systemActive RESULT: Ultimate proved your program to be correct! [2022-07-22 17:38:51,462 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE