./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec4_product08.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 791161d1 Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec4_product08.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 315d60eb588d6482efeebc0b747aa91d22e611dd88f8ad5f52fb821083a93df1 --- Real Ultimate output --- This is Ultimate 0.2.2-?-791161d [2022-07-22 17:38:47,675 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-07-22 17:38:47,677 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-07-22 17:38:47,709 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-07-22 17:38:47,710 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-07-22 17:38:47,711 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-07-22 17:38:47,712 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-07-22 17:38:47,716 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-07-22 17:38:47,717 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-07-22 17:38:47,720 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-07-22 17:38:47,721 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-07-22 17:38:47,723 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-07-22 17:38:47,723 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-07-22 17:38:47,724 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-07-22 17:38:47,726 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-07-22 17:38:47,728 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-07-22 17:38:47,729 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-07-22 17:38:47,730 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-07-22 17:38:47,731 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-07-22 17:38:47,735 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-07-22 17:38:47,736 INFO L181 SettingsManager]: Resetting HornVerifier preferences to default values [2022-07-22 17:38:47,737 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-07-22 17:38:47,737 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-07-22 17:38:47,738 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-07-22 17:38:47,739 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-07-22 17:38:47,744 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-07-22 17:38:47,744 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-07-22 17:38:47,744 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-07-22 17:38:47,745 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-07-22 17:38:47,745 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-07-22 17:38:47,747 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-07-22 17:38:47,747 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-07-22 17:38:47,748 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-07-22 17:38:47,749 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-07-22 17:38:47,749 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-07-22 17:38:47,750 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-07-22 17:38:47,750 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-07-22 17:38:47,750 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-07-22 17:38:47,751 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-07-22 17:38:47,751 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-07-22 17:38:47,751 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-07-22 17:38:47,753 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-07-22 17:38:47,754 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2022-07-22 17:38:47,777 INFO L113 SettingsManager]: Loading preferences was successful [2022-07-22 17:38:47,778 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-07-22 17:38:47,778 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-07-22 17:38:47,778 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-07-22 17:38:47,779 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-07-22 17:38:47,779 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-07-22 17:38:47,779 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-07-22 17:38:47,779 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-07-22 17:38:47,780 INFO L138 SettingsManager]: * Use SBE=true [2022-07-22 17:38:47,780 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-07-22 17:38:47,780 INFO L138 SettingsManager]: * sizeof long=4 [2022-07-22 17:38:47,780 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-07-22 17:38:47,781 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-07-22 17:38:47,781 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-07-22 17:38:47,781 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-07-22 17:38:47,781 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-07-22 17:38:47,781 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-07-22 17:38:47,781 INFO L138 SettingsManager]: * sizeof long double=12 [2022-07-22 17:38:47,782 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-07-22 17:38:47,782 INFO L138 SettingsManager]: * Use constant arrays=true [2022-07-22 17:38:47,782 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-07-22 17:38:47,782 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-07-22 17:38:47,782 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-07-22 17:38:47,782 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-07-22 17:38:47,782 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-07-22 17:38:47,783 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-07-22 17:38:47,783 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-07-22 17:38:47,783 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-07-22 17:38:47,783 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-07-22 17:38:47,783 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-07-22 17:38:47,783 INFO L138 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2022-07-22 17:38:47,784 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-07-22 17:38:47,784 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-07-22 17:38:47,784 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 315d60eb588d6482efeebc0b747aa91d22e611dd88f8ad5f52fb821083a93df1 [2022-07-22 17:38:47,962 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-07-22 17:38:47,976 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-07-22 17:38:47,978 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-07-22 17:38:47,978 INFO L271 PluginConnector]: Initializing CDTParser... [2022-07-22 17:38:47,979 INFO L275 PluginConnector]: CDTParser initialized [2022-07-22 17:38:47,980 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec4_product08.cil.c [2022-07-22 17:38:48,045 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/5b7f5a601/bb77df2c64144cdc8550312b6c798f04/FLAGc71c8f8eb [2022-07-22 17:38:48,420 INFO L306 CDTParser]: Found 1 translation units. [2022-07-22 17:38:48,420 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_product08.cil.c [2022-07-22 17:38:48,433 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/5b7f5a601/bb77df2c64144cdc8550312b6c798f04/FLAGc71c8f8eb [2022-07-22 17:38:48,447 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/5b7f5a601/bb77df2c64144cdc8550312b6c798f04 [2022-07-22 17:38:48,448 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-07-22 17:38:48,449 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-07-22 17:38:48,450 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-07-22 17:38:48,450 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-07-22 17:38:48,453 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-07-22 17:38:48,453 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 22.07 05:38:48" (1/1) ... [2022-07-22 17:38:48,454 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@2dbbc090 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:48, skipping insertion in model container [2022-07-22 17:38:48,454 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 22.07 05:38:48" (1/1) ... [2022-07-22 17:38:48,459 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-07-22 17:38:48,479 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-07-22 17:38:48,678 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_product08.cil.c[17389,17402] [2022-07-22 17:38:48,685 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-07-22 17:38:48,694 INFO L203 MainTranslator]: Completed pre-run [2022-07-22 17:38:48,742 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_product08.cil.c[17389,17402] [2022-07-22 17:38:48,743 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-07-22 17:38:48,754 INFO L208 MainTranslator]: Completed translation [2022-07-22 17:38:48,755 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:48 WrapperNode [2022-07-22 17:38:48,755 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-07-22 17:38:48,756 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-07-22 17:38:48,756 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-07-22 17:38:48,756 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-07-22 17:38:48,761 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:48" (1/1) ... [2022-07-22 17:38:48,777 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:48" (1/1) ... [2022-07-22 17:38:48,806 INFO L137 Inliner]: procedures = 52, calls = 151, calls flagged for inlining = 21, calls inlined = 18, statements flattened = 219 [2022-07-22 17:38:48,810 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-07-22 17:38:48,811 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-07-22 17:38:48,811 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-07-22 17:38:48,811 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-07-22 17:38:48,828 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:48" (1/1) ... [2022-07-22 17:38:48,828 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:48" (1/1) ... [2022-07-22 17:38:48,837 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:48" (1/1) ... [2022-07-22 17:38:48,838 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:48" (1/1) ... [2022-07-22 17:38:48,841 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:48" (1/1) ... [2022-07-22 17:38:48,844 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:48" (1/1) ... [2022-07-22 17:38:48,846 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:48" (1/1) ... [2022-07-22 17:38:48,847 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-07-22 17:38:48,848 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-07-22 17:38:48,848 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-07-22 17:38:48,848 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-07-22 17:38:48,849 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:48" (1/1) ... [2022-07-22 17:38:48,866 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-07-22 17:38:48,877 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-07-22 17:38:48,886 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-07-22 17:38:48,888 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-07-22 17:38:48,910 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-07-22 17:38:48,911 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-07-22 17:38:48,911 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-07-22 17:38:48,911 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-07-22 17:38:48,911 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-07-22 17:38:48,911 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-07-22 17:38:48,911 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-07-22 17:38:48,911 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-07-22 17:38:48,912 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-07-22 17:38:48,912 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2022-07-22 17:38:48,912 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2022-07-22 17:38:48,912 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-07-22 17:38:48,912 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-07-22 17:38:48,912 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-07-22 17:38:48,912 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-07-22 17:38:48,912 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-07-22 17:38:48,958 INFO L234 CfgBuilder]: Building ICFG [2022-07-22 17:38:48,959 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-07-22 17:38:49,151 INFO L275 CfgBuilder]: Performing block encoding [2022-07-22 17:38:49,156 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-07-22 17:38:49,156 INFO L299 CfgBuilder]: Removed 2 assume(true) statements. [2022-07-22 17:38:49,158 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 22.07 05:38:49 BoogieIcfgContainer [2022-07-22 17:38:49,158 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-07-22 17:38:49,159 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-07-22 17:38:49,159 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-07-22 17:38:49,162 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-07-22 17:38:49,162 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 22.07 05:38:48" (1/3) ... [2022-07-22 17:38:49,162 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@7990cad2 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 22.07 05:38:49, skipping insertion in model container [2022-07-22 17:38:49,162 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:48" (2/3) ... [2022-07-22 17:38:49,163 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@7990cad2 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 22.07 05:38:49, skipping insertion in model container [2022-07-22 17:38:49,163 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 22.07 05:38:49" (3/3) ... [2022-07-22 17:38:49,163 INFO L111 eAbstractionObserver]: Analyzing ICFG minepump_spec4_product08.cil.c [2022-07-22 17:38:49,174 INFO L201 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-07-22 17:38:49,175 INFO L160 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-07-22 17:38:49,206 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-07-22 17:38:49,210 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=de.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings@7bd08548, mLbeIndependenceSettings=de.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings@2ea12371 [2022-07-22 17:38:49,211 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-07-22 17:38:49,214 INFO L276 IsEmpty]: Start isEmpty. Operand has 75 states, 57 states have (on average 1.3859649122807018) internal successors, (79), 64 states have internal predecessors, (79), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 8 states have call predecessors, (10), 10 states have call successors, (10) [2022-07-22 17:38:49,219 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 20 [2022-07-22 17:38:49,220 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:38:49,220 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:38:49,221 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:38:49,224 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:38:49,224 INFO L85 PathProgramCache]: Analyzing trace with hash -1667001244, now seen corresponding path program 1 times [2022-07-22 17:38:49,230 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:38:49,230 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1722254956] [2022-07-22 17:38:49,231 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:38:49,231 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:38:49,309 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:49,361 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-22 17:38:49,361 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:38:49,362 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1722254956] [2022-07-22 17:38:49,362 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1722254956] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:38:49,362 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:38:49,362 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-07-22 17:38:49,363 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1910532625] [2022-07-22 17:38:49,364 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:38:49,367 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-07-22 17:38:49,368 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:38:49,390 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-07-22 17:38:49,392 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-07-22 17:38:49,394 INFO L87 Difference]: Start difference. First operand has 75 states, 57 states have (on average 1.3859649122807018) internal successors, (79), 64 states have internal predecessors, (79), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 8 states have call predecessors, (10), 10 states have call successors, (10) Second operand has 2 states, 2 states have (on average 8.5) internal successors, (17), 2 states have internal predecessors, (17), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-22 17:38:49,428 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:38:49,428 INFO L93 Difference]: Finished difference Result 142 states and 193 transitions. [2022-07-22 17:38:49,430 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-07-22 17:38:49,431 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 8.5) internal successors, (17), 2 states have internal predecessors, (17), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 19 [2022-07-22 17:38:49,431 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:38:49,440 INFO L225 Difference]: With dead ends: 142 [2022-07-22 17:38:49,440 INFO L226 Difference]: Without dead ends: 66 [2022-07-22 17:38:49,443 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-07-22 17:38:49,446 INFO L413 NwaCegarLoop]: 93 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 93 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-22 17:38:49,446 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 93 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-22 17:38:49,458 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 66 states. [2022-07-22 17:38:49,486 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 66 to 66. [2022-07-22 17:38:49,487 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 66 states, 50 states have (on average 1.3) internal successors, (65), 56 states have internal predecessors, (65), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2022-07-22 17:38:49,492 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 66 states to 66 states and 84 transitions. [2022-07-22 17:38:49,494 INFO L78 Accepts]: Start accepts. Automaton has 66 states and 84 transitions. Word has length 19 [2022-07-22 17:38:49,494 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:38:49,494 INFO L495 AbstractCegarLoop]: Abstraction has 66 states and 84 transitions. [2022-07-22 17:38:49,495 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 8.5) internal successors, (17), 2 states have internal predecessors, (17), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-22 17:38:49,495 INFO L276 IsEmpty]: Start isEmpty. Operand 66 states and 84 transitions. [2022-07-22 17:38:49,498 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 21 [2022-07-22 17:38:49,498 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:38:49,498 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:38:49,499 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-07-22 17:38:49,499 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:38:49,501 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:38:49,501 INFO L85 PathProgramCache]: Analyzing trace with hash 108811362, now seen corresponding path program 1 times [2022-07-22 17:38:49,501 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:38:49,502 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2098190926] [2022-07-22 17:38:49,502 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:38:49,502 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:38:49,570 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:49,622 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-22 17:38:49,623 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:38:49,623 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2098190926] [2022-07-22 17:38:49,624 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2098190926] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:38:49,624 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:38:49,624 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-07-22 17:38:49,625 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1591631677] [2022-07-22 17:38:49,625 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:38:49,626 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-07-22 17:38:49,626 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:38:49,627 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-07-22 17:38:49,627 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-22 17:38:49,627 INFO L87 Difference]: Start difference. First operand 66 states and 84 transitions. Second operand has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-22 17:38:49,637 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:38:49,639 INFO L93 Difference]: Finished difference Result 93 states and 117 transitions. [2022-07-22 17:38:49,640 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-07-22 17:38:49,640 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 20 [2022-07-22 17:38:49,641 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:38:49,643 INFO L225 Difference]: With dead ends: 93 [2022-07-22 17:38:49,643 INFO L226 Difference]: Without dead ends: 57 [2022-07-22 17:38:49,646 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-22 17:38:49,648 INFO L413 NwaCegarLoop]: 71 mSDtfsCounter, 17 mSDsluCounter, 49 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 21 SdHoareTripleChecker+Valid, 120 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-22 17:38:49,649 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [21 Valid, 120 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-22 17:38:49,651 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 57 states. [2022-07-22 17:38:49,655 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 57 to 57. [2022-07-22 17:38:49,657 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 57 states, 44 states have (on average 1.3181818181818181) internal successors, (58), 50 states have internal predecessors, (58), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 5 states have call predecessors, (7), 7 states have call successors, (7) [2022-07-22 17:38:49,658 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 57 states to 57 states and 72 transitions. [2022-07-22 17:38:49,659 INFO L78 Accepts]: Start accepts. Automaton has 57 states and 72 transitions. Word has length 20 [2022-07-22 17:38:49,659 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:38:49,660 INFO L495 AbstractCegarLoop]: Abstraction has 57 states and 72 transitions. [2022-07-22 17:38:49,660 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-22 17:38:49,660 INFO L276 IsEmpty]: Start isEmpty. Operand 57 states and 72 transitions. [2022-07-22 17:38:49,664 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2022-07-22 17:38:49,664 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:38:49,664 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:38:49,665 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-07-22 17:38:49,665 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:38:49,666 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:38:49,666 INFO L85 PathProgramCache]: Analyzing trace with hash 1255678841, now seen corresponding path program 1 times [2022-07-22 17:38:49,666 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:38:49,666 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2120143224] [2022-07-22 17:38:49,666 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:38:49,667 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:38:49,708 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:49,739 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-22 17:38:49,740 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:38:49,740 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2120143224] [2022-07-22 17:38:49,740 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2120143224] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:38:49,740 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:38:49,740 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-07-22 17:38:49,740 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2085110421] [2022-07-22 17:38:49,741 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:38:49,741 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-07-22 17:38:49,741 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:38:49,741 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-07-22 17:38:49,742 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-07-22 17:38:49,742 INFO L87 Difference]: Start difference. First operand 57 states and 72 transitions. Second operand has 5 states, 5 states have (on average 4.8) internal successors, (24), 5 states have internal predecessors, (24), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-22 17:38:49,812 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:38:49,812 INFO L93 Difference]: Finished difference Result 145 states and 188 transitions. [2022-07-22 17:38:49,813 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-07-22 17:38:49,813 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 4.8) internal successors, (24), 5 states have internal predecessors, (24), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 25 [2022-07-22 17:38:49,813 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:38:49,814 INFO L225 Difference]: With dead ends: 145 [2022-07-22 17:38:49,814 INFO L226 Difference]: Without dead ends: 95 [2022-07-22 17:38:49,815 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=22, Invalid=34, Unknown=0, NotChecked=0, Total=56 [2022-07-22 17:38:49,816 INFO L413 NwaCegarLoop]: 80 mSDtfsCounter, 135 mSDsluCounter, 156 mSDsCounter, 0 mSdLazyCounter, 12 mSolverCounterSat, 21 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 135 SdHoareTripleChecker+Valid, 236 SdHoareTripleChecker+Invalid, 33 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 21 IncrementalHoareTripleChecker+Valid, 12 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-22 17:38:49,816 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [135 Valid, 236 Invalid, 33 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [21 Valid, 12 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-22 17:38:49,817 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 95 states. [2022-07-22 17:38:49,824 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 95 to 92. [2022-07-22 17:38:49,825 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 92 states, 71 states have (on average 1.352112676056338) internal successors, (96), 80 states have internal predecessors, (96), 11 states have call successors, (11), 9 states have call predecessors, (11), 9 states have return successors, (12), 8 states have call predecessors, (12), 11 states have call successors, (12) [2022-07-22 17:38:49,825 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 92 states to 92 states and 119 transitions. [2022-07-22 17:38:49,826 INFO L78 Accepts]: Start accepts. Automaton has 92 states and 119 transitions. Word has length 25 [2022-07-22 17:38:49,826 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:38:49,826 INFO L495 AbstractCegarLoop]: Abstraction has 92 states and 119 transitions. [2022-07-22 17:38:49,826 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 4.8) internal successors, (24), 5 states have internal predecessors, (24), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-22 17:38:49,826 INFO L276 IsEmpty]: Start isEmpty. Operand 92 states and 119 transitions. [2022-07-22 17:38:49,827 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 29 [2022-07-22 17:38:49,827 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:38:49,827 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:38:49,828 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-07-22 17:38:49,828 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:38:49,828 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:38:49,828 INFO L85 PathProgramCache]: Analyzing trace with hash 1665755050, now seen corresponding path program 1 times [2022-07-22 17:38:49,828 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:38:49,829 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1250930329] [2022-07-22 17:38:49,829 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:38:49,829 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:38:49,857 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:49,955 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-22 17:38:49,956 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:38:49,956 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1250930329] [2022-07-22 17:38:49,956 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1250930329] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:38:49,956 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:38:49,956 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2022-07-22 17:38:49,957 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1091215959] [2022-07-22 17:38:49,957 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:38:49,957 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-07-22 17:38:49,960 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:38:49,961 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-07-22 17:38:49,961 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=14, Invalid=42, Unknown=0, NotChecked=0, Total=56 [2022-07-22 17:38:49,961 INFO L87 Difference]: Start difference. First operand 92 states and 119 transitions. Second operand has 8 states, 8 states have (on average 3.375) internal successors, (27), 7 states have internal predecessors, (27), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-22 17:38:50,129 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:38:50,130 INFO L93 Difference]: Finished difference Result 335 states and 468 transitions. [2022-07-22 17:38:50,130 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2022-07-22 17:38:50,130 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 3.375) internal successors, (27), 7 states have internal predecessors, (27), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 28 [2022-07-22 17:38:50,131 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:38:50,136 INFO L225 Difference]: With dead ends: 335 [2022-07-22 17:38:50,136 INFO L226 Difference]: Without dead ends: 250 [2022-07-22 17:38:50,139 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 14 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 15 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=51, Invalid=131, Unknown=0, NotChecked=0, Total=182 [2022-07-22 17:38:50,147 INFO L413 NwaCegarLoop]: 78 mSDtfsCounter, 151 mSDsluCounter, 413 mSDsCounter, 0 mSdLazyCounter, 121 mSolverCounterSat, 18 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 151 SdHoareTripleChecker+Valid, 491 SdHoareTripleChecker+Invalid, 139 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 18 IncrementalHoareTripleChecker+Valid, 121 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-07-22 17:38:50,148 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [151 Valid, 491 Invalid, 139 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [18 Valid, 121 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-07-22 17:38:50,150 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 250 states. [2022-07-22 17:38:50,180 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 250 to 240. [2022-07-22 17:38:50,181 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 240 states, 183 states have (on average 1.3333333333333333) internal successors, (244), 206 states have internal predecessors, (244), 31 states have call successors, (31), 25 states have call predecessors, (31), 25 states have return successors, (42), 22 states have call predecessors, (42), 31 states have call successors, (42) [2022-07-22 17:38:50,182 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 240 states to 240 states and 317 transitions. [2022-07-22 17:38:50,183 INFO L78 Accepts]: Start accepts. Automaton has 240 states and 317 transitions. Word has length 28 [2022-07-22 17:38:50,183 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:38:50,183 INFO L495 AbstractCegarLoop]: Abstraction has 240 states and 317 transitions. [2022-07-22 17:38:50,183 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 3.375) internal successors, (27), 7 states have internal predecessors, (27), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-22 17:38:50,183 INFO L276 IsEmpty]: Start isEmpty. Operand 240 states and 317 transitions. [2022-07-22 17:38:50,185 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2022-07-22 17:38:50,185 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:38:50,185 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:38:50,185 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-07-22 17:38:50,185 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:38:50,186 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:38:50,186 INFO L85 PathProgramCache]: Analyzing trace with hash 166370863, now seen corresponding path program 1 times [2022-07-22 17:38:50,186 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:38:50,186 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [118310659] [2022-07-22 17:38:50,186 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:38:50,187 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:38:50,198 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:50,230 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-22 17:38:50,231 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:38:50,231 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [118310659] [2022-07-22 17:38:50,231 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [118310659] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:38:50,231 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:38:50,231 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-07-22 17:38:50,232 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1355981102] [2022-07-22 17:38:50,232 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:38:50,232 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-07-22 17:38:50,232 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:38:50,233 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-07-22 17:38:50,233 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-22 17:38:50,233 INFO L87 Difference]: Start difference. First operand 240 states and 317 transitions. Second operand has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 2 states have internal predecessors, (29), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-22 17:38:50,250 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:38:50,250 INFO L93 Difference]: Finished difference Result 424 states and 573 transitions. [2022-07-22 17:38:50,250 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-07-22 17:38:50,250 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 2 states have internal predecessors, (29), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 30 [2022-07-22 17:38:50,251 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:38:50,254 INFO L225 Difference]: With dead ends: 424 [2022-07-22 17:38:50,254 INFO L226 Difference]: Without dead ends: 191 [2022-07-22 17:38:50,255 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-22 17:38:50,256 INFO L413 NwaCegarLoop]: 50 mSDtfsCounter, 34 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 34 SdHoareTripleChecker+Valid, 50 SdHoareTripleChecker+Invalid, 6 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-22 17:38:50,257 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [34 Valid, 50 Invalid, 6 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-22 17:38:50,258 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 191 states. [2022-07-22 17:38:50,297 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 191 to 188. [2022-07-22 17:38:50,298 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 188 states, 149 states have (on average 1.261744966442953) internal successors, (188), 160 states have internal predecessors, (188), 19 states have call successors, (19), 19 states have call predecessors, (19), 19 states have return successors, (24), 19 states have call predecessors, (24), 19 states have call successors, (24) [2022-07-22 17:38:50,299 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 188 states to 188 states and 231 transitions. [2022-07-22 17:38:50,299 INFO L78 Accepts]: Start accepts. Automaton has 188 states and 231 transitions. Word has length 30 [2022-07-22 17:38:50,300 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:38:50,300 INFO L495 AbstractCegarLoop]: Abstraction has 188 states and 231 transitions. [2022-07-22 17:38:50,300 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 2 states have internal predecessors, (29), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-22 17:38:50,300 INFO L276 IsEmpty]: Start isEmpty. Operand 188 states and 231 transitions. [2022-07-22 17:38:50,301 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 55 [2022-07-22 17:38:50,301 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:38:50,302 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:38:50,302 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-07-22 17:38:50,302 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:38:50,302 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:38:50,303 INFO L85 PathProgramCache]: Analyzing trace with hash -1797903565, now seen corresponding path program 1 times [2022-07-22 17:38:50,303 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:38:50,303 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1762810978] [2022-07-22 17:38:50,303 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:38:50,303 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:38:50,319 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:50,349 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2022-07-22 17:38:50,351 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:50,360 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2022-07-22 17:38:50,362 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:50,368 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 36 [2022-07-22 17:38:50,369 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:50,371 INFO L134 CoverageAnalysis]: Checked inductivity of 19 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 18 trivial. 0 not checked. [2022-07-22 17:38:50,371 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:38:50,371 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1762810978] [2022-07-22 17:38:50,372 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1762810978] provided 0 perfect and 1 imperfect interpolant sequences [2022-07-22 17:38:50,372 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1318773959] [2022-07-22 17:38:50,372 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:38:50,372 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-07-22 17:38:50,372 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-07-22 17:38:50,374 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-07-22 17:38:50,375 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-07-22 17:38:50,458 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:50,461 INFO L263 TraceCheckSpWp]: Trace formula consists of 370 conjuncts, 9 conjunts are in the unsatisfiable core [2022-07-22 17:38:50,465 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-07-22 17:38:50,603 INFO L134 CoverageAnalysis]: Checked inductivity of 19 backedges. 16 proven. 2 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-07-22 17:38:50,603 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-07-22 17:38:50,778 INFO L134 CoverageAnalysis]: Checked inductivity of 19 backedges. 16 proven. 3 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-22 17:38:50,779 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1318773959] provided 0 perfect and 2 imperfect interpolant sequences [2022-07-22 17:38:50,779 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-07-22 17:38:50,779 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [7, 6, 7] total 15 [2022-07-22 17:38:50,779 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [424786737] [2022-07-22 17:38:50,779 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-07-22 17:38:50,780 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2022-07-22 17:38:50,781 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:38:50,781 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2022-07-22 17:38:50,782 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=48, Invalid=162, Unknown=0, NotChecked=0, Total=210 [2022-07-22 17:38:50,782 INFO L87 Difference]: Start difference. First operand 188 states and 231 transitions. Second operand has 15 states, 15 states have (on average 6.0) internal successors, (90), 12 states have internal predecessors, (90), 4 states have call successors, (10), 7 states have call predecessors, (10), 7 states have return successors, (7), 3 states have call predecessors, (7), 3 states have call successors, (7) [2022-07-22 17:38:50,919 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:38:50,919 INFO L93 Difference]: Finished difference Result 253 states and 310 transitions. [2022-07-22 17:38:50,920 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-07-22 17:38:50,920 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 15 states have (on average 6.0) internal successors, (90), 12 states have internal predecessors, (90), 4 states have call successors, (10), 7 states have call predecessors, (10), 7 states have return successors, (7), 3 states have call predecessors, (7), 3 states have call successors, (7) Word has length 54 [2022-07-22 17:38:50,920 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:38:50,921 INFO L225 Difference]: With dead ends: 253 [2022-07-22 17:38:50,921 INFO L226 Difference]: Without dead ends: 0 [2022-07-22 17:38:50,921 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 124 GetRequests, 105 SyntacticMatches, 1 SemanticMatches, 18 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 45 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=99, Invalid=281, Unknown=0, NotChecked=0, Total=380 [2022-07-22 17:38:50,922 INFO L413 NwaCegarLoop]: 71 mSDtfsCounter, 145 mSDsluCounter, 230 mSDsCounter, 0 mSdLazyCounter, 156 mSolverCounterSat, 52 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 145 SdHoareTripleChecker+Valid, 301 SdHoareTripleChecker+Invalid, 208 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 52 IncrementalHoareTripleChecker+Valid, 156 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-07-22 17:38:50,922 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [145 Valid, 301 Invalid, 208 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [52 Valid, 156 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-07-22 17:38:50,923 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-07-22 17:38:50,923 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-07-22 17:38:50,923 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-22 17:38:50,923 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-07-22 17:38:50,923 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 54 [2022-07-22 17:38:50,923 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:38:50,924 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-07-22 17:38:50,924 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 15 states have (on average 6.0) internal successors, (90), 12 states have internal predecessors, (90), 4 states have call successors, (10), 7 states have call predecessors, (10), 7 states have return successors, (7), 3 states have call predecessors, (7), 3 states have call successors, (7) [2022-07-22 17:38:50,924 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-07-22 17:38:50,924 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-07-22 17:38:50,926 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-07-22 17:38:50,962 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-07-22 17:38:51,133 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable5 [2022-07-22 17:38:51,135 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-07-22 17:38:51,830 INFO L902 garLoopResultBuilder]: At program point deactivatePumpENTRY(lines 739 746) the Hoare annotation is: true [2022-07-22 17:38:51,831 INFO L899 garLoopResultBuilder]: For program point deactivatePumpEXIT(lines 739 746) no Hoare annotation was computed. [2022-07-22 17:38:51,831 INFO L899 garLoopResultBuilder]: For program point deactivatePumpFINAL(lines 739 746) no Hoare annotation was computed. [2022-07-22 17:38:51,831 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 698 704) no Hoare annotation was computed. [2022-07-22 17:38:51,831 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 698 704) the Hoare annotation is: true [2022-07-22 17:38:51,831 INFO L902 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 82 93) the Hoare annotation is: true [2022-07-22 17:38:51,831 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 82 93) no Hoare annotation was computed. [2022-07-22 17:38:51,832 INFO L899 garLoopResultBuilder]: For program point L86-1(lines 82 93) no Hoare annotation was computed. [2022-07-22 17:38:51,832 INFO L895 garLoopResultBuilder]: At program point L725(line 725) the Hoare annotation is: (let ((.cse2 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (not (= 0 ~systemActive~0)))) (and (or (and .cse0 (= ~waterLevel~0 1) .cse1) .cse2 (not (= |old(~waterLevel~0)| 1))) (or .cse2 (and .cse0 (= |old(~waterLevel~0)| ~waterLevel~0) .cse1) (not (<= 2 |old(~waterLevel~0)|))))) [2022-07-22 17:38:51,832 INFO L895 garLoopResultBuilder]: At program point L725-1(lines 706 730) the Hoare annotation is: (let ((.cse2 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (not (= 0 ~systemActive~0)))) (and (or (and .cse0 (= ~waterLevel~0 1) .cse1) .cse2 (not (= |old(~waterLevel~0)| 1))) (or .cse2 (and .cse0 (= |old(~waterLevel~0)| ~waterLevel~0) .cse1) (not (<= 2 |old(~waterLevel~0)|))))) [2022-07-22 17:38:51,832 INFO L895 garLoopResultBuilder]: At program point L754(lines 747 757) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|))) [2022-07-22 17:38:51,832 INFO L899 garLoopResultBuilder]: For program point timeShiftFINAL(lines 674 697) no Hoare annotation was computed. [2022-07-22 17:38:51,832 INFO L895 garLoopResultBuilder]: At program point L131(lines 126 134) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (not (= |timeShift_getWaterLevel_#res#1| 0)))) (and (or .cse0 (and .cse1 .cse2 (= |old(~waterLevel~0)| ~waterLevel~0)) (not (<= 2 |old(~waterLevel~0)|))) (or .cse0 (not (= |old(~waterLevel~0)| 1)) (and .cse1 .cse2 (= ~waterLevel~0 1))))) [2022-07-22 17:38:51,833 INFO L895 garLoopResultBuilder]: At program point L763(lines 758 766) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|))) [2022-07-22 17:38:51,833 INFO L899 garLoopResultBuilder]: For program point L685-1(lines 685 691) no Hoare annotation was computed. [2022-07-22 17:38:51,833 INFO L899 garLoopResultBuilder]: For program point L714(lines 714 722) no Hoare annotation was computed. [2022-07-22 17:38:51,833 INFO L899 garLoopResultBuilder]: For program point L710(lines 710 727) no Hoare annotation was computed. [2022-07-22 17:38:51,833 INFO L899 garLoopResultBuilder]: For program point L900(line 900) no Hoare annotation was computed. [2022-07-22 17:38:51,833 INFO L895 garLoopResultBuilder]: At program point L99(lines 94 102) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|))) [2022-07-22 17:38:51,833 INFO L899 garLoopResultBuilder]: For program point L62(lines 62 66) no Hoare annotation was computed. [2022-07-22 17:38:51,833 INFO L895 garLoopResultBuilder]: At program point L62-2(lines 58 69) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|))) [2022-07-22 17:38:51,834 INFO L899 garLoopResultBuilder]: For program point L653(lines 653 659) no Hoare annotation was computed. [2022-07-22 17:38:51,834 INFO L899 garLoopResultBuilder]: For program point L649(lines 649 662) no Hoare annotation was computed. [2022-07-22 17:38:51,834 INFO L895 garLoopResultBuilder]: At program point L649-1(lines 641 665) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (not (= |timeShift___utac_acc__Specification4_spec__1_~tmp~4#1| 0))) (.cse3 (not (= |timeShift_getWaterLevel_#res#1| 0)))) (and (or .cse0 (not (= |old(~waterLevel~0)| 1)) (and .cse1 .cse2 .cse3 (= ~waterLevel~0 1))) (or .cse0 (and .cse1 .cse2 .cse3 (= |old(~waterLevel~0)| ~waterLevel~0)) (not (<= 2 |old(~waterLevel~0)|))))) [2022-07-22 17:38:51,834 INFO L899 garLoopResultBuilder]: For program point L678-1(lines 677 696) no Hoare annotation was computed. [2022-07-22 17:38:51,834 INFO L895 garLoopResultBuilder]: At program point L901(lines 896 903) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|))) [2022-07-22 17:38:51,834 INFO L895 garLoopResultBuilder]: At program point L720(line 720) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|))) [2022-07-22 17:38:51,834 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 674 697) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0))) (and (or .cse0 (not (= |old(~waterLevel~0)| 1)) (and .cse1 (= ~waterLevel~0 1))) (or .cse0 (and .cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) (not (<= 2 |old(~waterLevel~0)|))))) [2022-07-22 17:38:51,835 INFO L895 garLoopResultBuilder]: At program point L716(line 716) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|))) [2022-07-22 17:38:51,835 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 674 697) no Hoare annotation was computed. [2022-07-22 17:38:51,835 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 900) no Hoare annotation was computed. [2022-07-22 17:38:51,835 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 176 205) no Hoare annotation was computed. [2022-07-22 17:38:51,835 INFO L899 garLoopResultBuilder]: For program point L190(lines 190 194) no Hoare annotation was computed. [2022-07-22 17:38:51,835 INFO L902 garLoopResultBuilder]: At program point L190-1(lines 190 194) the Hoare annotation is: true [2022-07-22 17:38:51,835 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 176 205) the Hoare annotation is: true [2022-07-22 17:38:51,836 INFO L899 garLoopResultBuilder]: For program point L187(line 187) no Hoare annotation was computed. [2022-07-22 17:38:51,836 INFO L902 garLoopResultBuilder]: At program point L186-2(lines 186 200) the Hoare annotation is: true [2022-07-22 17:38:51,836 INFO L902 garLoopResultBuilder]: At program point L182(line 182) the Hoare annotation is: true [2022-07-22 17:38:51,836 INFO L899 garLoopResultBuilder]: For program point L182-1(line 182) no Hoare annotation was computed. [2022-07-22 17:38:51,836 INFO L902 garLoopResultBuilder]: At program point L201(lines 176 205) the Hoare annotation is: true [2022-07-22 17:38:51,836 INFO L899 garLoopResultBuilder]: For program point L197(line 197) no Hoare annotation was computed. [2022-07-22 17:38:51,836 INFO L902 garLoopResultBuilder]: At program point L890(lines 827 894) the Hoare annotation is: true [2022-07-22 17:38:51,836 INFO L899 garLoopResultBuilder]: For program point L857(lines 857 863) no Hoare annotation was computed. [2022-07-22 17:38:51,837 INFO L899 garLoopResultBuilder]: For program point L857-1(lines 857 863) no Hoare annotation was computed. [2022-07-22 17:38:51,837 INFO L902 garLoopResultBuilder]: At program point L246(lines 239 248) the Hoare annotation is: true [2022-07-22 17:38:51,837 INFO L895 garLoopResultBuilder]: At program point L849(line 849) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_valid_product_#res#1| 1)) (.cse2 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 (<= 2 ~waterLevel~0) .cse3) (and .cse0 .cse1 .cse2 .cse3 (= ~waterLevel~0 1)))) [2022-07-22 17:38:51,837 INFO L899 garLoopResultBuilder]: For program point L259(lines 259 266) no Hoare annotation was computed. [2022-07-22 17:38:51,837 INFO L899 garLoopResultBuilder]: For program point L259-2(lines 259 266) no Hoare annotation was computed. [2022-07-22 17:38:51,837 INFO L899 garLoopResultBuilder]: For program point L-1(line -1) no Hoare annotation was computed. [2022-07-22 17:38:51,837 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startENTRY(line -1) no Hoare annotation was computed. [2022-07-22 17:38:51,837 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startFINAL(line -1) no Hoare annotation was computed. [2022-07-22 17:38:51,838 INFO L895 garLoopResultBuilder]: At program point L887(lines 836 888) the Hoare annotation is: false [2022-07-22 17:38:51,838 INFO L902 garLoopResultBuilder]: At program point L268(lines 249 271) the Hoare annotation is: true [2022-07-22 17:38:51,838 INFO L895 garLoopResultBuilder]: At program point L235(lines 231 237) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_valid_product_#res#1| 1) (= |ULTIMATE.start_main_~tmp~0#1| 1) (= ~waterLevel~0 1) (not (= 0 ~systemActive~0))) [2022-07-22 17:38:51,838 INFO L899 garLoopResultBuilder]: For program point L875(lines 875 881) no Hoare annotation was computed. [2022-07-22 17:38:51,838 INFO L895 garLoopResultBuilder]: At program point L169(lines 164 172) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_valid_product_#res#1| 1) (= ~waterLevel~0 1) (not (= 0 ~systemActive~0))) [2022-07-22 17:38:51,838 INFO L895 garLoopResultBuilder]: At program point L809(line 809) the Hoare annotation is: false [2022-07-22 17:38:51,839 INFO L895 garLoopResultBuilder]: At program point L875-2(lines 867 882) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_valid_product_#res#1| 1)) (.cse2 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 (<= 2 ~waterLevel~0) .cse3) (and .cse0 .cse1 .cse2 .cse3 (= ~waterLevel~0 1)))) [2022-07-22 17:38:51,839 INFO L899 garLoopResultBuilder]: For program point L838(lines 837 886) no Hoare annotation was computed. [2022-07-22 17:38:51,839 INFO L899 garLoopResultBuilder]: For program point L867(lines 867 882) no Hoare annotation was computed. [2022-07-22 17:38:51,839 INFO L895 garLoopResultBuilder]: At program point L161(lines 157 163) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~waterLevel~0 1) (not (= 0 ~systemActive~0))) [2022-07-22 17:38:51,839 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-07-22 17:38:51,839 INFO L895 garLoopResultBuilder]: At program point L859(line 859) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_valid_product_#res#1| 1)) (.cse2 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 (<= 2 ~waterLevel~0) .cse3) (and .cse0 .cse1 .cse2 .cse3 (= ~waterLevel~0 1)))) [2022-07-22 17:38:51,839 INFO L895 garLoopResultBuilder]: At program point L884(lines 837 886) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_valid_product_#res#1| 1)) (.cse2 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 (<= 2 ~waterLevel~0) .cse3) (and .cse0 .cse1 .cse2 .cse3 (= ~waterLevel~0 1)))) [2022-07-22 17:38:51,840 INFO L899 garLoopResultBuilder]: For program point L847(lines 847 853) no Hoare annotation was computed. [2022-07-22 17:38:51,840 INFO L899 garLoopResultBuilder]: For program point L847-1(lines 847 853) no Hoare annotation was computed. [2022-07-22 17:38:51,840 INFO L899 garLoopResultBuilder]: For program point L839(lines 839 843) no Hoare annotation was computed. [2022-07-22 17:38:51,840 INFO L895 garLoopResultBuilder]: At program point L154(lines 150 156) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~waterLevel~0 1) (not (= 0 ~systemActive~0))) [2022-07-22 17:38:51,840 INFO L895 garLoopResultBuilder]: At program point L823(lines 818 825) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_valid_product_#res#1| 1)) (.cse2 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse4 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 .cse2 (<= 2 ~waterLevel~0) .cse3 .cse4) (and .cse0 .cse1 .cse2 .cse3 (= ~waterLevel~0 1) .cse4))) [2022-07-22 17:38:51,840 INFO L895 garLoopResultBuilder]: At program point L815(lines 803 817) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_valid_product_#res#1| 1)) (.cse2 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 (<= 2 ~waterLevel~0) .cse3) (and .cse0 .cse1 .cse2 .cse3 (= ~waterLevel~0 1)))) [2022-07-22 17:38:51,840 INFO L899 garLoopResultBuilder]: For program point L807(lines 807 813) no Hoare annotation was computed. [2022-07-22 17:38:51,841 INFO L899 garLoopResultBuilder]: For program point L807-1(lines 807 813) no Hoare annotation was computed. [2022-07-22 17:38:51,841 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 70 81) no Hoare annotation was computed. [2022-07-22 17:38:51,841 INFO L899 garLoopResultBuilder]: For program point L74-1(lines 70 81) no Hoare annotation was computed. [2022-07-22 17:38:51,841 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 70 81) the Hoare annotation is: (let ((.cse0 (not (= ~pumpRunning~0 0)))) (and (or .cse0 (= |old(~waterLevel~0)| ~waterLevel~0) (not (<= 2 |old(~waterLevel~0)|))) (or .cse0 (not (= |old(~waterLevel~0)| 1)) (= ~waterLevel~0 1)))) [2022-07-22 17:38:51,843 INFO L356 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1] [2022-07-22 17:38:51,845 INFO L176 ceAbstractionStarter]: Computing trace abstraction results [2022-07-22 17:38:51,857 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 22.07 05:38:51 BoogieIcfgContainer [2022-07-22 17:38:51,858 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-07-22 17:38:51,858 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-07-22 17:38:51,858 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-07-22 17:38:51,858 INFO L275 PluginConnector]: Witness Printer initialized [2022-07-22 17:38:51,859 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 22.07 05:38:49" (3/4) ... [2022-07-22 17:38:51,861 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-07-22 17:38:51,865 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2022-07-22 17:38:51,865 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-07-22 17:38:51,865 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-07-22 17:38:51,865 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-07-22 17:38:51,866 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-07-22 17:38:51,866 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-07-22 17:38:51,870 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 50 nodes and edges [2022-07-22 17:38:51,870 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 22 nodes and edges [2022-07-22 17:38:51,870 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 11 nodes and edges [2022-07-22 17:38:51,871 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-07-22 17:38:51,871 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 2 nodes and edges [2022-07-22 17:38:51,871 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-07-22 17:38:51,871 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-07-22 17:38:51,887 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((pumpRunning == 0 && \result == 1) && waterLevel == 1) && !(0 == systemActive) [2022-07-22 17:38:51,887 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((pumpRunning == 0 && \result == 1) && tmp == 1) && waterLevel == 1) && !(0 == systemActive) [2022-07-22 17:38:51,887 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((pumpRunning == 0 && \result == 1) && tmp == 1) && 2 <= waterLevel) && splverifierCounter == 0) || ((((pumpRunning == 0 && \result == 1) && tmp == 1) && splverifierCounter == 0) && waterLevel == 1) [2022-07-22 17:38:51,888 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) [2022-07-22 17:38:51,888 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((pumpRunning == 0 && waterLevel == 1) && !(0 == systemActive)) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) && ((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && !(0 == systemActive))) || !(2 <= \old(waterLevel))) [2022-07-22 17:38:51,888 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((pumpRunning == 0 && \result == 1) && tmp == 1) && 2 <= waterLevel) && splverifierCounter == 0) && !(0 == systemActive)) || (((((pumpRunning == 0 && \result == 1) && tmp == 1) && splverifierCounter == 0) && waterLevel == 1) && !(0 == systemActive)) [2022-07-22 17:38:51,889 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && !(\result == 0)) && \old(waterLevel) == waterLevel)) || !(2 <= \old(waterLevel))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || ((pumpRunning == 0 && !(\result == 0)) && waterLevel == 1)) [2022-07-22 17:38:51,889 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) [2022-07-22 17:38:51,889 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((pumpRunning == 0 && \result == 1) && tmp == 1) && 2 <= waterLevel) && splverifierCounter == 0) || ((((pumpRunning == 0 && \result == 1) && tmp == 1) && splverifierCounter == 0) && waterLevel == 1) [2022-07-22 17:38:51,889 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (((pumpRunning == 0 && !(tmp == 0)) && !(\result == 0)) && waterLevel == 1)) && ((!(\old(pumpRunning) == 0) || (((pumpRunning == 0 && !(tmp == 0)) && !(\result == 0)) && \old(waterLevel) == waterLevel)) || !(2 <= \old(waterLevel))) [2022-07-22 17:38:51,889 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) [2022-07-22 17:38:51,889 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) [2022-07-22 17:38:51,890 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) [2022-07-22 17:38:51,906 INFO L141 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2022-07-22 17:38:51,907 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-07-22 17:38:51,907 INFO L158 Benchmark]: Toolchain (without parser) took 3457.92ms. Allocated memory was 102.8MB in the beginning and 182.5MB in the end (delta: 79.7MB). Free memory was 70.5MB in the beginning and 156.7MB in the end (delta: -86.3MB). Peak memory consumption was 56.1MB. Max. memory is 16.1GB. [2022-07-22 17:38:51,907 INFO L158 Benchmark]: CDTParser took 0.11ms. Allocated memory is still 102.8MB. Free memory is still 59.7MB. There was no memory consumed. Max. memory is 16.1GB. [2022-07-22 17:38:51,908 INFO L158 Benchmark]: CACSL2BoogieTranslator took 305.06ms. Allocated memory was 102.8MB in the beginning and 136.3MB in the end (delta: 33.6MB). Free memory was 70.2MB in the beginning and 104.2MB in the end (delta: -34.0MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2022-07-22 17:38:51,908 INFO L158 Benchmark]: Boogie Procedure Inliner took 54.47ms. Allocated memory is still 136.3MB. Free memory was 104.2MB in the beginning and 101.5MB in the end (delta: 2.7MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-07-22 17:38:51,908 INFO L158 Benchmark]: Boogie Preprocessor took 36.68ms. Allocated memory is still 136.3MB. Free memory was 101.5MB in the beginning and 100.0MB in the end (delta: 1.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-07-22 17:38:51,908 INFO L158 Benchmark]: RCFGBuilder took 309.92ms. Allocated memory is still 136.3MB. Free memory was 100.0MB in the beginning and 84.7MB in the end (delta: 15.3MB). Peak memory consumption was 14.7MB. Max. memory is 16.1GB. [2022-07-22 17:38:51,909 INFO L158 Benchmark]: TraceAbstraction took 2698.77ms. Allocated memory is still 136.3MB. Free memory was 84.5MB in the beginning and 52.7MB in the end (delta: 31.8MB). Peak memory consumption was 40.2MB. Max. memory is 16.1GB. [2022-07-22 17:38:51,909 INFO L158 Benchmark]: Witness Printer took 48.49ms. Allocated memory was 136.3MB in the beginning and 182.5MB in the end (delta: 46.1MB). Free memory was 52.7MB in the beginning and 156.7MB in the end (delta: -104.0MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2022-07-22 17:38:51,910 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.11ms. Allocated memory is still 102.8MB. Free memory is still 59.7MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 305.06ms. Allocated memory was 102.8MB in the beginning and 136.3MB in the end (delta: 33.6MB). Free memory was 70.2MB in the beginning and 104.2MB in the end (delta: -34.0MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 54.47ms. Allocated memory is still 136.3MB. Free memory was 104.2MB in the beginning and 101.5MB in the end (delta: 2.7MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 36.68ms. Allocated memory is still 136.3MB. Free memory was 101.5MB in the beginning and 100.0MB in the end (delta: 1.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 309.92ms. Allocated memory is still 136.3MB. Free memory was 100.0MB in the beginning and 84.7MB in the end (delta: 15.3MB). Peak memory consumption was 14.7MB. Max. memory is 16.1GB. * TraceAbstraction took 2698.77ms. Allocated memory is still 136.3MB. Free memory was 84.5MB in the beginning and 52.7MB in the end (delta: 31.8MB). Peak memory consumption was 40.2MB. Max. memory is 16.1GB. * Witness Printer took 48.49ms. Allocated memory was 136.3MB in the beginning and 182.5MB in the end (delta: 46.1MB). Free memory was 52.7MB in the beginning and 156.7MB in the end (delta: -104.0MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 900]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 7 procedures, 75 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 2.6s, OverallIterations: 6, TraceHistogramMax: 2, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 0.5s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.7s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 486 SdHoareTripleChecker+Valid, 0.2s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 482 mSDsluCounter, 1291 SdHoareTripleChecker+Invalid, 0.2s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 848 mSDsCounter, 93 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 294 IncrementalHoareTripleChecker+Invalid, 387 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 93 mSolverCounterUnsat, 443 mSDtfsCounter, 294 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 157 GetRequests, 118 SyntacticMatches, 1 SemanticMatches, 38 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 62 ImplicationChecksByTransitivity, 0.2s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=240occurred in iteration=4, InterpolantAutomatonStates: 32, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.1s AutomataMinimizationTime, 6 MinimizatonAttempts, 16 StatesRemovedByMinimization, 3 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 36 LocationsWithAnnotation, 356 PreInvPairs, 400 NumberOfFragments, 565 HoareAnnotationTreeSize, 356 FomulaSimplifications, 195 FormulaSimplificationTreeSizeReduction, 0.1s HoareSimplificationTime, 36 FomulaSimplificationsInter, 1364 FormulaSimplificationTreeSizeReductionInter, 0.6s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 0.6s InterpolantComputationTime, 230 NumberOfCodeBlocks, 230 NumberOfCodeBlocksAsserted, 7 NumberOfCheckSat, 276 ConstructedInterpolants, 0 QuantifiedInterpolants, 720 SizeOfPredicates, 0 NumberOfNonLiveVariables, 370 ConjunctsInSsa, 9 ConjunctsInUnsatCore, 8 InterpolantComputations, 5 PerfectInterpolantSequences, 51/57 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 827]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 818]: Loop Invariant Derived loop invariant: (((((pumpRunning == 0 && \result == 1) && tmp == 1) && 2 <= waterLevel) && splverifierCounter == 0) && !(0 == systemActive)) || (((((pumpRunning == 0 && \result == 1) && tmp == 1) && splverifierCounter == 0) && waterLevel == 1) && !(0 == systemActive)) - InvariantResult [Line: 176]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 94]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) - InvariantResult [Line: 126]: Loop Invariant Derived loop invariant: ((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && !(\result == 0)) && \old(waterLevel) == waterLevel)) || !(2 <= \old(waterLevel))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || ((pumpRunning == 0 && !(\result == 0)) && waterLevel == 1)) - InvariantResult [Line: 249]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 836]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 803]: Loop Invariant Derived loop invariant: ((((pumpRunning == 0 && \result == 1) && tmp == 1) && 2 <= waterLevel) && splverifierCounter == 0) || ((((pumpRunning == 0 && \result == 1) && tmp == 1) && splverifierCounter == 0) && waterLevel == 1) - InvariantResult [Line: 150]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && waterLevel == 1) && !(0 == systemActive) - InvariantResult [Line: 896]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) - InvariantResult [Line: 837]: Loop Invariant Derived loop invariant: ((((pumpRunning == 0 && \result == 1) && tmp == 1) && 2 <= waterLevel) && splverifierCounter == 0) || ((((pumpRunning == 0 && \result == 1) && tmp == 1) && splverifierCounter == 0) && waterLevel == 1) - InvariantResult [Line: 164]: Loop Invariant Derived loop invariant: ((pumpRunning == 0 && \result == 1) && waterLevel == 1) && !(0 == systemActive) - InvariantResult [Line: 758]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) - InvariantResult [Line: 231]: Loop Invariant Derived loop invariant: (((pumpRunning == 0 && \result == 1) && tmp == 1) && waterLevel == 1) && !(0 == systemActive) - InvariantResult [Line: 58]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) - InvariantResult [Line: 157]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && waterLevel == 1) && !(0 == systemActive) - InvariantResult [Line: 747]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) - InvariantResult [Line: 641]: Loop Invariant Derived loop invariant: ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (((pumpRunning == 0 && !(tmp == 0)) && !(\result == 0)) && waterLevel == 1)) && ((!(\old(pumpRunning) == 0) || (((pumpRunning == 0 && !(tmp == 0)) && !(\result == 0)) && \old(waterLevel) == waterLevel)) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 186]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 239]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 706]: Loop Invariant Derived loop invariant: ((((pumpRunning == 0 && waterLevel == 1) && !(0 == systemActive)) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) && ((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && !(0 == systemActive))) || !(2 <= \old(waterLevel))) RESULT: Ultimate proved your program to be correct! [2022-07-22 17:38:51,942 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE