./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec4_product20.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 791161d1 Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec4_product20.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 5bb0c67d0f3b897df6aba0c402ea453b42e61f1d6e102d991db16c73430a771e --- Real Ultimate output --- This is Ultimate 0.2.2-?-791161d [2022-07-22 17:38:54,642 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-07-22 17:38:54,644 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-07-22 17:38:54,677 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-07-22 17:38:54,678 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-07-22 17:38:54,679 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-07-22 17:38:54,680 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-07-22 17:38:54,682 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-07-22 17:38:54,683 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-07-22 17:38:54,687 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-07-22 17:38:54,687 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-07-22 17:38:54,689 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-07-22 17:38:54,689 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-07-22 17:38:54,691 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-07-22 17:38:54,692 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-07-22 17:38:54,694 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-07-22 17:38:54,695 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-07-22 17:38:54,696 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-07-22 17:38:54,697 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-07-22 17:38:54,701 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-07-22 17:38:54,703 INFO L181 SettingsManager]: Resetting HornVerifier preferences to default values [2022-07-22 17:38:54,703 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-07-22 17:38:54,704 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-07-22 17:38:54,705 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-07-22 17:38:54,706 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-07-22 17:38:54,711 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-07-22 17:38:54,711 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-07-22 17:38:54,712 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-07-22 17:38:54,713 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-07-22 17:38:54,713 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-07-22 17:38:54,714 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-07-22 17:38:54,715 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-07-22 17:38:54,716 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-07-22 17:38:54,716 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-07-22 17:38:54,717 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-07-22 17:38:54,718 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-07-22 17:38:54,718 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-07-22 17:38:54,718 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-07-22 17:38:54,718 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-07-22 17:38:54,719 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-07-22 17:38:54,719 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-07-22 17:38:54,721 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-07-22 17:38:54,721 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2022-07-22 17:38:54,745 INFO L113 SettingsManager]: Loading preferences was successful [2022-07-22 17:38:54,745 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-07-22 17:38:54,745 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-07-22 17:38:54,746 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-07-22 17:38:54,746 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-07-22 17:38:54,746 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-07-22 17:38:54,747 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-07-22 17:38:54,747 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-07-22 17:38:54,747 INFO L138 SettingsManager]: * Use SBE=true [2022-07-22 17:38:54,748 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-07-22 17:38:54,748 INFO L138 SettingsManager]: * sizeof long=4 [2022-07-22 17:38:54,748 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-07-22 17:38:54,748 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-07-22 17:38:54,749 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-07-22 17:38:54,749 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-07-22 17:38:54,749 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-07-22 17:38:54,749 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-07-22 17:38:54,749 INFO L138 SettingsManager]: * sizeof long double=12 [2022-07-22 17:38:54,749 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-07-22 17:38:54,750 INFO L138 SettingsManager]: * Use constant arrays=true [2022-07-22 17:38:54,751 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-07-22 17:38:54,751 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-07-22 17:38:54,751 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-07-22 17:38:54,751 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-07-22 17:38:54,751 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-07-22 17:38:54,752 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-07-22 17:38:54,752 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-07-22 17:38:54,752 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-07-22 17:38:54,752 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-07-22 17:38:54,752 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-07-22 17:38:54,753 INFO L138 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2022-07-22 17:38:54,753 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-07-22 17:38:54,753 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-07-22 17:38:54,753 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 5bb0c67d0f3b897df6aba0c402ea453b42e61f1d6e102d991db16c73430a771e [2022-07-22 17:38:54,937 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-07-22 17:38:54,952 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-07-22 17:38:54,953 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-07-22 17:38:54,954 INFO L271 PluginConnector]: Initializing CDTParser... [2022-07-22 17:38:54,955 INFO L275 PluginConnector]: CDTParser initialized [2022-07-22 17:38:54,955 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec4_product20.cil.c [2022-07-22 17:38:55,009 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/da3cc2499/329deb2c4d3f4377ad10773f2d775689/FLAG07a9f9d15 [2022-07-22 17:38:55,394 INFO L306 CDTParser]: Found 1 translation units. [2022-07-22 17:38:55,395 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_product20.cil.c [2022-07-22 17:38:55,402 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/da3cc2499/329deb2c4d3f4377ad10773f2d775689/FLAG07a9f9d15 [2022-07-22 17:38:55,412 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/da3cc2499/329deb2c4d3f4377ad10773f2d775689 [2022-07-22 17:38:55,414 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-07-22 17:38:55,415 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-07-22 17:38:55,421 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-07-22 17:38:55,422 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-07-22 17:38:55,433 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-07-22 17:38:55,434 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 22.07 05:38:55" (1/1) ... [2022-07-22 17:38:55,434 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@3236157 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:55, skipping insertion in model container [2022-07-22 17:38:55,434 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 22.07 05:38:55" (1/1) ... [2022-07-22 17:38:55,439 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-07-22 17:38:55,482 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-07-22 17:38:55,649 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_product20.cil.c[14361,14374] [2022-07-22 17:38:55,661 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-07-22 17:38:55,666 INFO L203 MainTranslator]: Completed pre-run [2022-07-22 17:38:55,699 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_product20.cil.c[14361,14374] [2022-07-22 17:38:55,706 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-07-22 17:38:55,725 INFO L208 MainTranslator]: Completed translation [2022-07-22 17:38:55,726 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:55 WrapperNode [2022-07-22 17:38:55,726 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-07-22 17:38:55,727 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-07-22 17:38:55,727 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-07-22 17:38:55,727 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-07-22 17:38:55,732 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:55" (1/1) ... [2022-07-22 17:38:55,755 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:55" (1/1) ... [2022-07-22 17:38:55,776 INFO L137 Inliner]: procedures = 54, calls = 152, calls flagged for inlining = 22, calls inlined = 18, statements flattened = 225 [2022-07-22 17:38:55,776 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-07-22 17:38:55,777 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-07-22 17:38:55,777 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-07-22 17:38:55,777 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-07-22 17:38:55,783 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:55" (1/1) ... [2022-07-22 17:38:55,783 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:55" (1/1) ... [2022-07-22 17:38:55,787 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:55" (1/1) ... [2022-07-22 17:38:55,787 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:55" (1/1) ... [2022-07-22 17:38:55,798 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:55" (1/1) ... [2022-07-22 17:38:55,803 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:55" (1/1) ... [2022-07-22 17:38:55,805 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:55" (1/1) ... [2022-07-22 17:38:55,808 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-07-22 17:38:55,808 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-07-22 17:38:55,809 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-07-22 17:38:55,809 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-07-22 17:38:55,810 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:55" (1/1) ... [2022-07-22 17:38:55,816 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-07-22 17:38:55,824 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-07-22 17:38:55,834 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-07-22 17:38:55,843 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-07-22 17:38:55,859 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-07-22 17:38:55,859 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-07-22 17:38:55,860 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-07-22 17:38:55,860 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-07-22 17:38:55,860 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-07-22 17:38:55,860 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-07-22 17:38:55,860 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-07-22 17:38:55,860 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-07-22 17:38:55,860 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-07-22 17:38:55,860 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2022-07-22 17:38:55,860 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2022-07-22 17:38:55,861 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-07-22 17:38:55,861 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-07-22 17:38:55,861 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-07-22 17:38:55,861 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-07-22 17:38:55,861 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-07-22 17:38:55,906 INFO L234 CfgBuilder]: Building ICFG [2022-07-22 17:38:55,908 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-07-22 17:38:56,134 INFO L275 CfgBuilder]: Performing block encoding [2022-07-22 17:38:56,141 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-07-22 17:38:56,142 INFO L299 CfgBuilder]: Removed 2 assume(true) statements. [2022-07-22 17:38:56,143 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 22.07 05:38:56 BoogieIcfgContainer [2022-07-22 17:38:56,143 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-07-22 17:38:56,145 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-07-22 17:38:56,145 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-07-22 17:38:56,148 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-07-22 17:38:56,148 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 22.07 05:38:55" (1/3) ... [2022-07-22 17:38:56,149 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@7580a7fc and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 22.07 05:38:56, skipping insertion in model container [2022-07-22 17:38:56,149 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:55" (2/3) ... [2022-07-22 17:38:56,149 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@7580a7fc and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 22.07 05:38:56, skipping insertion in model container [2022-07-22 17:38:56,149 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 22.07 05:38:56" (3/3) ... [2022-07-22 17:38:56,150 INFO L111 eAbstractionObserver]: Analyzing ICFG minepump_spec4_product20.cil.c [2022-07-22 17:38:56,160 INFO L201 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-07-22 17:38:56,160 INFO L160 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-07-22 17:38:56,218 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-07-22 17:38:56,222 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=de.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings@18bb2889, mLbeIndependenceSettings=de.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings@21f57d53 [2022-07-22 17:38:56,223 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-07-22 17:38:56,237 INFO L276 IsEmpty]: Start isEmpty. Operand has 77 states, 59 states have (on average 1.3898305084745763) internal successors, (82), 66 states have internal predecessors, (82), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 8 states have call predecessors, (10), 10 states have call successors, (10) [2022-07-22 17:38:56,246 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 20 [2022-07-22 17:38:56,247 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:38:56,247 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:38:56,248 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:38:56,251 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:38:56,251 INFO L85 PathProgramCache]: Analyzing trace with hash -1506660750, now seen corresponding path program 1 times [2022-07-22 17:38:56,258 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:38:56,258 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1867123130] [2022-07-22 17:38:56,258 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:38:56,259 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:38:56,403 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:56,469 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-22 17:38:56,473 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:38:56,474 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1867123130] [2022-07-22 17:38:56,474 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1867123130] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:38:56,475 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:38:56,475 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-07-22 17:38:56,477 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [313295818] [2022-07-22 17:38:56,478 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:38:56,483 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-07-22 17:38:56,484 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:38:56,505 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-07-22 17:38:56,506 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-07-22 17:38:56,508 INFO L87 Difference]: Start difference. First operand has 77 states, 59 states have (on average 1.3898305084745763) internal successors, (82), 66 states have internal predecessors, (82), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 8 states have call predecessors, (10), 10 states have call successors, (10) Second operand has 2 states, 2 states have (on average 8.5) internal successors, (17), 2 states have internal predecessors, (17), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-22 17:38:56,539 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:38:56,540 INFO L93 Difference]: Finished difference Result 146 states and 199 transitions. [2022-07-22 17:38:56,541 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-07-22 17:38:56,542 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 8.5) internal successors, (17), 2 states have internal predecessors, (17), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 19 [2022-07-22 17:38:56,542 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:38:56,550 INFO L225 Difference]: With dead ends: 146 [2022-07-22 17:38:56,550 INFO L226 Difference]: Without dead ends: 68 [2022-07-22 17:38:56,553 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-07-22 17:38:56,556 INFO L413 NwaCegarLoop]: 96 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 96 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-22 17:38:56,556 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 96 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-22 17:38:56,567 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 68 states. [2022-07-22 17:38:56,583 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 68 to 68. [2022-07-22 17:38:56,584 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 68 states, 52 states have (on average 1.3076923076923077) internal successors, (68), 58 states have internal predecessors, (68), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2022-07-22 17:38:56,585 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 68 states to 68 states and 87 transitions. [2022-07-22 17:38:56,587 INFO L78 Accepts]: Start accepts. Automaton has 68 states and 87 transitions. Word has length 19 [2022-07-22 17:38:56,587 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:38:56,588 INFO L495 AbstractCegarLoop]: Abstraction has 68 states and 87 transitions. [2022-07-22 17:38:56,588 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 8.5) internal successors, (17), 2 states have internal predecessors, (17), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-22 17:38:56,588 INFO L276 IsEmpty]: Start isEmpty. Operand 68 states and 87 transitions. [2022-07-22 17:38:56,590 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 21 [2022-07-22 17:38:56,590 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:38:56,590 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:38:56,590 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-07-22 17:38:56,590 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:38:56,591 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:38:56,591 INFO L85 PathProgramCache]: Analyzing trace with hash 1702349577, now seen corresponding path program 1 times [2022-07-22 17:38:56,591 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:38:56,592 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [117602160] [2022-07-22 17:38:56,592 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:38:56,592 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:38:56,609 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:56,636 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-22 17:38:56,636 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:38:56,637 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [117602160] [2022-07-22 17:38:56,637 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [117602160] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:38:56,637 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:38:56,637 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-07-22 17:38:56,637 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2080170589] [2022-07-22 17:38:56,637 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:38:56,638 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-07-22 17:38:56,638 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:38:56,639 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-07-22 17:38:56,639 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-22 17:38:56,639 INFO L87 Difference]: Start difference. First operand 68 states and 87 transitions. Second operand has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-22 17:38:56,648 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:38:56,649 INFO L93 Difference]: Finished difference Result 97 states and 123 transitions. [2022-07-22 17:38:56,649 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-07-22 17:38:56,649 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 20 [2022-07-22 17:38:56,649 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:38:56,650 INFO L225 Difference]: With dead ends: 97 [2022-07-22 17:38:56,650 INFO L226 Difference]: Without dead ends: 59 [2022-07-22 17:38:56,651 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-22 17:38:56,652 INFO L413 NwaCegarLoop]: 74 mSDtfsCounter, 17 mSDsluCounter, 52 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 21 SdHoareTripleChecker+Valid, 126 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-22 17:38:56,652 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [21 Valid, 126 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-22 17:38:56,653 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 59 states. [2022-07-22 17:38:56,656 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 59 to 59. [2022-07-22 17:38:56,657 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 59 states, 46 states have (on average 1.326086956521739) internal successors, (61), 52 states have internal predecessors, (61), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 5 states have call predecessors, (7), 7 states have call successors, (7) [2022-07-22 17:38:56,658 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 59 states to 59 states and 75 transitions. [2022-07-22 17:38:56,658 INFO L78 Accepts]: Start accepts. Automaton has 59 states and 75 transitions. Word has length 20 [2022-07-22 17:38:56,658 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:38:56,658 INFO L495 AbstractCegarLoop]: Abstraction has 59 states and 75 transitions. [2022-07-22 17:38:56,658 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-22 17:38:56,659 INFO L276 IsEmpty]: Start isEmpty. Operand 59 states and 75 transitions. [2022-07-22 17:38:56,659 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2022-07-22 17:38:56,659 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:38:56,660 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:38:56,660 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-07-22 17:38:56,660 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:38:56,660 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:38:56,660 INFO L85 PathProgramCache]: Analyzing trace with hash -992613126, now seen corresponding path program 1 times [2022-07-22 17:38:56,661 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:38:56,661 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2016085768] [2022-07-22 17:38:56,661 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:38:56,661 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:38:56,678 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:56,717 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-22 17:38:56,717 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:38:56,717 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2016085768] [2022-07-22 17:38:56,717 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2016085768] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:38:56,718 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:38:56,718 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-07-22 17:38:56,718 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [469753919] [2022-07-22 17:38:56,718 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:38:56,718 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-07-22 17:38:56,719 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:38:56,719 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-07-22 17:38:56,719 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2022-07-22 17:38:56,719 INFO L87 Difference]: Start difference. First operand 59 states and 75 transitions. Second operand has 6 states, 6 states have (on average 4.0) internal successors, (24), 5 states have internal predecessors, (24), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-22 17:38:56,820 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:38:56,821 INFO L93 Difference]: Finished difference Result 215 states and 287 transitions. [2022-07-22 17:38:56,821 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-07-22 17:38:56,821 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.0) internal successors, (24), 5 states have internal predecessors, (24), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 25 [2022-07-22 17:38:56,822 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:38:56,823 INFO L225 Difference]: With dead ends: 215 [2022-07-22 17:38:56,824 INFO L226 Difference]: Without dead ends: 163 [2022-07-22 17:38:56,824 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 1 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=22, Invalid=34, Unknown=0, NotChecked=0, Total=56 [2022-07-22 17:38:56,825 INFO L413 NwaCegarLoop]: 94 mSDtfsCounter, 176 mSDsluCounter, 326 mSDsCounter, 0 mSdLazyCounter, 87 mSolverCounterSat, 18 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 176 SdHoareTripleChecker+Valid, 420 SdHoareTripleChecker+Invalid, 105 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 18 IncrementalHoareTripleChecker+Valid, 87 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-07-22 17:38:56,825 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [176 Valid, 420 Invalid, 105 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [18 Valid, 87 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-07-22 17:38:56,826 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 163 states. [2022-07-22 17:38:56,841 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 163 to 141. [2022-07-22 17:38:56,841 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 141 states, 108 states have (on average 1.3703703703703705) internal successors, (148), 122 states have internal predecessors, (148), 18 states have call successors, (18), 14 states have call predecessors, (18), 14 states have return successors, (19), 12 states have call predecessors, (19), 18 states have call successors, (19) [2022-07-22 17:38:56,843 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 141 states to 141 states and 185 transitions. [2022-07-22 17:38:56,843 INFO L78 Accepts]: Start accepts. Automaton has 141 states and 185 transitions. Word has length 25 [2022-07-22 17:38:56,843 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:38:56,843 INFO L495 AbstractCegarLoop]: Abstraction has 141 states and 185 transitions. [2022-07-22 17:38:56,844 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 4.0) internal successors, (24), 5 states have internal predecessors, (24), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-22 17:38:56,844 INFO L276 IsEmpty]: Start isEmpty. Operand 141 states and 185 transitions. [2022-07-22 17:38:56,845 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 29 [2022-07-22 17:38:56,845 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:38:56,845 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:38:56,845 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-07-22 17:38:56,845 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:38:56,846 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:38:56,846 INFO L85 PathProgramCache]: Analyzing trace with hash -2068590127, now seen corresponding path program 1 times [2022-07-22 17:38:56,846 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:38:56,846 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [329236263] [2022-07-22 17:38:56,846 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:38:56,846 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:38:56,861 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:56,943 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-22 17:38:56,943 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:38:56,943 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [329236263] [2022-07-22 17:38:56,943 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [329236263] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:38:56,943 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:38:56,943 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2022-07-22 17:38:56,944 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1491723411] [2022-07-22 17:38:56,944 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:38:56,944 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-07-22 17:38:56,944 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:38:56,944 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-07-22 17:38:56,945 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=14, Invalid=42, Unknown=0, NotChecked=0, Total=56 [2022-07-22 17:38:56,945 INFO L87 Difference]: Start difference. First operand 141 states and 185 transitions. Second operand has 8 states, 8 states have (on average 3.375) internal successors, (27), 7 states have internal predecessors, (27), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-22 17:38:57,129 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:38:57,129 INFO L93 Difference]: Finished difference Result 527 states and 736 transitions. [2022-07-22 17:38:57,129 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2022-07-22 17:38:57,130 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 3.375) internal successors, (27), 7 states have internal predecessors, (27), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 28 [2022-07-22 17:38:57,130 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:38:57,139 INFO L225 Difference]: With dead ends: 527 [2022-07-22 17:38:57,139 INFO L226 Difference]: Without dead ends: 393 [2022-07-22 17:38:57,143 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 14 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 15 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=51, Invalid=131, Unknown=0, NotChecked=0, Total=182 [2022-07-22 17:38:57,147 INFO L413 NwaCegarLoop]: 80 mSDtfsCounter, 188 mSDsluCounter, 388 mSDsCounter, 0 mSdLazyCounter, 126 mSolverCounterSat, 30 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 188 SdHoareTripleChecker+Valid, 468 SdHoareTripleChecker+Invalid, 156 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 30 IncrementalHoareTripleChecker+Valid, 126 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-07-22 17:38:57,148 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [188 Valid, 468 Invalid, 156 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [30 Valid, 126 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-07-22 17:38:57,151 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 393 states. [2022-07-22 17:38:57,205 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 393 to 378. [2022-07-22 17:38:57,206 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 378 states, 287 states have (on average 1.3449477351916377) internal successors, (386), 324 states have internal predecessors, (386), 51 states have call successors, (51), 39 states have call predecessors, (51), 39 states have return successors, (65), 33 states have call predecessors, (65), 51 states have call successors, (65) [2022-07-22 17:38:57,209 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 378 states to 378 states and 502 transitions. [2022-07-22 17:38:57,210 INFO L78 Accepts]: Start accepts. Automaton has 378 states and 502 transitions. Word has length 28 [2022-07-22 17:38:57,210 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:38:57,210 INFO L495 AbstractCegarLoop]: Abstraction has 378 states and 502 transitions. [2022-07-22 17:38:57,210 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 3.375) internal successors, (27), 7 states have internal predecessors, (27), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-22 17:38:57,210 INFO L276 IsEmpty]: Start isEmpty. Operand 378 states and 502 transitions. [2022-07-22 17:38:57,212 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2022-07-22 17:38:57,212 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:38:57,212 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:38:57,212 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-07-22 17:38:57,212 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:38:57,212 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:38:57,213 INFO L85 PathProgramCache]: Analyzing trace with hash -1789142954, now seen corresponding path program 1 times [2022-07-22 17:38:57,213 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:38:57,213 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2116668754] [2022-07-22 17:38:57,213 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:38:57,213 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:38:57,231 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:57,248 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-22 17:38:57,248 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:38:57,249 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2116668754] [2022-07-22 17:38:57,249 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2116668754] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:38:57,249 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:38:57,249 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-07-22 17:38:57,249 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [585388600] [2022-07-22 17:38:57,249 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:38:57,250 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-07-22 17:38:57,250 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:38:57,250 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-07-22 17:38:57,250 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-22 17:38:57,251 INFO L87 Difference]: Start difference. First operand 378 states and 502 transitions. Second operand has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 2 states have internal predecessors, (29), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-22 17:38:57,264 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:38:57,264 INFO L93 Difference]: Finished difference Result 656 states and 885 transitions. [2022-07-22 17:38:57,265 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-07-22 17:38:57,265 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 2 states have internal predecessors, (29), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 30 [2022-07-22 17:38:57,265 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:38:57,266 INFO L225 Difference]: With dead ends: 656 [2022-07-22 17:38:57,266 INFO L226 Difference]: Without dead ends: 285 [2022-07-22 17:38:57,268 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-22 17:38:57,268 INFO L413 NwaCegarLoop]: 50 mSDtfsCounter, 34 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 34 SdHoareTripleChecker+Valid, 50 SdHoareTripleChecker+Invalid, 6 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-22 17:38:57,268 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [34 Valid, 50 Invalid, 6 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-22 17:38:57,269 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 285 states. [2022-07-22 17:38:57,278 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 285 to 279. [2022-07-22 17:38:57,279 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 279 states, 218 states have (on average 1.261467889908257) internal successors, (275), 234 states have internal predecessors, (275), 30 states have call successors, (30), 30 states have call predecessors, (30), 30 states have return successors, (36), 30 states have call predecessors, (36), 30 states have call successors, (36) [2022-07-22 17:38:57,280 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 279 states to 279 states and 341 transitions. [2022-07-22 17:38:57,280 INFO L78 Accepts]: Start accepts. Automaton has 279 states and 341 transitions. Word has length 30 [2022-07-22 17:38:57,280 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:38:57,280 INFO L495 AbstractCegarLoop]: Abstraction has 279 states and 341 transitions. [2022-07-22 17:38:57,280 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 2 states have internal predecessors, (29), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-22 17:38:57,281 INFO L276 IsEmpty]: Start isEmpty. Operand 279 states and 341 transitions. [2022-07-22 17:38:57,282 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 55 [2022-07-22 17:38:57,283 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:38:57,283 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:38:57,283 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-07-22 17:38:57,283 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:38:57,284 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:38:57,284 INFO L85 PathProgramCache]: Analyzing trace with hash 1403719521, now seen corresponding path program 1 times [2022-07-22 17:38:57,284 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:38:57,284 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1486356974] [2022-07-22 17:38:57,284 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:38:57,284 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:38:57,299 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:57,331 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2022-07-22 17:38:57,333 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:57,340 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2022-07-22 17:38:57,343 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:57,347 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 36 [2022-07-22 17:38:57,348 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:57,365 INFO L134 CoverageAnalysis]: Checked inductivity of 19 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 18 trivial. 0 not checked. [2022-07-22 17:38:57,366 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:38:57,366 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1486356974] [2022-07-22 17:38:57,366 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1486356974] provided 0 perfect and 1 imperfect interpolant sequences [2022-07-22 17:38:57,366 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1955929912] [2022-07-22 17:38:57,366 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:38:57,366 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-07-22 17:38:57,367 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-07-22 17:38:57,382 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-07-22 17:38:57,385 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-07-22 17:38:57,458 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:57,461 INFO L263 TraceCheckSpWp]: Trace formula consists of 370 conjuncts, 9 conjunts are in the unsatisfiable core [2022-07-22 17:38:57,465 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-07-22 17:38:57,595 INFO L134 CoverageAnalysis]: Checked inductivity of 19 backedges. 16 proven. 2 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-07-22 17:38:57,595 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-07-22 17:38:57,826 INFO L134 CoverageAnalysis]: Checked inductivity of 19 backedges. 16 proven. 3 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-22 17:38:57,826 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1955929912] provided 0 perfect and 2 imperfect interpolant sequences [2022-07-22 17:38:57,826 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-07-22 17:38:57,826 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [7, 6, 7] total 15 [2022-07-22 17:38:57,827 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [900931076] [2022-07-22 17:38:57,827 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-07-22 17:38:57,828 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2022-07-22 17:38:57,828 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:38:57,829 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2022-07-22 17:38:57,829 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=48, Invalid=162, Unknown=0, NotChecked=0, Total=210 [2022-07-22 17:38:57,829 INFO L87 Difference]: Start difference. First operand 279 states and 341 transitions. Second operand has 15 states, 15 states have (on average 6.0) internal successors, (90), 12 states have internal predecessors, (90), 4 states have call successors, (10), 7 states have call predecessors, (10), 7 states have return successors, (7), 3 states have call predecessors, (7), 3 states have call successors, (7) [2022-07-22 17:38:58,000 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:38:58,000 INFO L93 Difference]: Finished difference Result 377 states and 459 transitions. [2022-07-22 17:38:58,000 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-07-22 17:38:58,001 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 15 states have (on average 6.0) internal successors, (90), 12 states have internal predecessors, (90), 4 states have call successors, (10), 7 states have call predecessors, (10), 7 states have return successors, (7), 3 states have call predecessors, (7), 3 states have call successors, (7) Word has length 54 [2022-07-22 17:38:58,001 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:38:58,001 INFO L225 Difference]: With dead ends: 377 [2022-07-22 17:38:58,001 INFO L226 Difference]: Without dead ends: 0 [2022-07-22 17:38:58,002 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 124 GetRequests, 105 SyntacticMatches, 1 SemanticMatches, 18 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 45 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=99, Invalid=281, Unknown=0, NotChecked=0, Total=380 [2022-07-22 17:38:58,004 INFO L413 NwaCegarLoop]: 71 mSDtfsCounter, 130 mSDsluCounter, 348 mSDsCounter, 0 mSdLazyCounter, 187 mSolverCounterSat, 49 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 130 SdHoareTripleChecker+Valid, 419 SdHoareTripleChecker+Invalid, 236 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 49 IncrementalHoareTripleChecker+Valid, 187 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-07-22 17:38:58,005 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [130 Valid, 419 Invalid, 236 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [49 Valid, 187 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-07-22 17:38:58,006 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-07-22 17:38:58,006 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-07-22 17:38:58,006 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-22 17:38:58,006 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-07-22 17:38:58,006 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 54 [2022-07-22 17:38:58,007 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:38:58,008 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-07-22 17:38:58,008 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 15 states have (on average 6.0) internal successors, (90), 12 states have internal predecessors, (90), 4 states have call successors, (10), 7 states have call predecessors, (10), 7 states have return successors, (7), 3 states have call predecessors, (7), 3 states have call successors, (7) [2022-07-22 17:38:58,008 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-07-22 17:38:58,009 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-07-22 17:38:58,010 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-07-22 17:38:58,032 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-07-22 17:38:58,227 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable5 [2022-07-22 17:38:58,229 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-07-22 17:38:58,948 INFO L902 garLoopResultBuilder]: At program point deactivatePumpENTRY(lines 757 764) the Hoare annotation is: true [2022-07-22 17:38:58,949 INFO L899 garLoopResultBuilder]: For program point deactivatePumpEXIT(lines 757 764) no Hoare annotation was computed. [2022-07-22 17:38:58,949 INFO L899 garLoopResultBuilder]: For program point deactivatePumpFINAL(lines 757 764) no Hoare annotation was computed. [2022-07-22 17:38:58,949 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 716 722) no Hoare annotation was computed. [2022-07-22 17:38:58,949 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 716 722) the Hoare annotation is: true [2022-07-22 17:38:58,949 INFO L899 garLoopResultBuilder]: For program point L125-1(lines 121 132) no Hoare annotation was computed. [2022-07-22 17:38:58,949 INFO L902 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 121 132) the Hoare annotation is: true [2022-07-22 17:38:58,949 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 121 132) no Hoare annotation was computed. [2022-07-22 17:38:58,949 INFO L899 garLoopResultBuilder]: For program point L671(lines 671 677) no Hoare annotation was computed. [2022-07-22 17:38:58,949 INFO L899 garLoopResultBuilder]: For program point L667(lines 667 680) no Hoare annotation was computed. [2022-07-22 17:38:58,949 INFO L895 garLoopResultBuilder]: At program point L667-1(lines 659 683) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (not (= |timeShift___utac_acc__Specification4_spec__1_~tmp~4#1| 0))) (.cse3 (not (= |timeShift_getWaterLevel_#res#1| 0)))) (and (or .cse0 (not (= |old(~waterLevel~0)| 1)) (and .cse1 .cse2 .cse3 (= ~waterLevel~0 1))) (or .cse0 (and .cse1 .cse2 .cse3 (= |old(~waterLevel~0)| ~waterLevel~0)) (not (<= 2 |old(~waterLevel~0)|))))) [2022-07-22 17:38:58,949 INFO L899 garLoopResultBuilder]: For program point L696-1(lines 695 714) no Hoare annotation was computed. [2022-07-22 17:38:58,949 INFO L899 garLoopResultBuilder]: For program point timeShiftFINAL(lines 692 715) no Hoare annotation was computed. [2022-07-22 17:38:58,950 INFO L895 garLoopResultBuilder]: At program point L738(line 738) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|))) [2022-07-22 17:38:58,950 INFO L895 garLoopResultBuilder]: At program point L734(line 734) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|))) [2022-07-22 17:38:58,950 INFO L895 garLoopResultBuilder]: At program point L743(line 743) the Hoare annotation is: (let ((.cse2 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (not (= 0 ~systemActive~0)))) (and (or (and .cse0 (= ~waterLevel~0 1) .cse1) .cse2 (not (= |old(~waterLevel~0)| 1))) (or .cse2 (and .cse0 (= |old(~waterLevel~0)| ~waterLevel~0) .cse1) (not (<= 2 |old(~waterLevel~0)|))))) [2022-07-22 17:38:58,950 INFO L895 garLoopResultBuilder]: At program point L743-1(lines 724 748) the Hoare annotation is: (let ((.cse2 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (not (= 0 ~systemActive~0)))) (and (or (and .cse0 (= ~waterLevel~0 1) .cse1) .cse2 (not (= |old(~waterLevel~0)| 1))) (or .cse2 (and .cse0 (= |old(~waterLevel~0)| ~waterLevel~0) .cse1) (not (<= 2 |old(~waterLevel~0)|))))) [2022-07-22 17:38:58,950 INFO L899 garLoopResultBuilder]: For program point L830(lines 830 834) no Hoare annotation was computed. [2022-07-22 17:38:58,950 INFO L899 garLoopResultBuilder]: For program point L830-2(lines 830 834) no Hoare annotation was computed. [2022-07-22 17:38:58,950 INFO L895 garLoopResultBuilder]: At program point L781(lines 776 784) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|))) [2022-07-22 17:38:58,950 INFO L899 garLoopResultBuilder]: For program point L653(line 653) no Hoare annotation was computed. [2022-07-22 17:38:58,950 INFO L895 garLoopResultBuilder]: At program point L170(lines 165 173) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (not (= |timeShift_getWaterLevel_#res#1| 0)))) (and (or .cse0 (and .cse1 .cse2 (= |old(~waterLevel~0)| ~waterLevel~0)) (not (<= 2 |old(~waterLevel~0)|))) (or .cse0 (not (= |old(~waterLevel~0)| 1)) (and .cse1 .cse2 (= ~waterLevel~0 1))))) [2022-07-22 17:38:58,950 INFO L899 garLoopResultBuilder]: For program point L703-1(lines 703 709) no Hoare annotation was computed. [2022-07-22 17:38:58,950 INFO L899 garLoopResultBuilder]: For program point L732(lines 732 740) no Hoare annotation was computed. [2022-07-22 17:38:58,950 INFO L899 garLoopResultBuilder]: For program point L728(lines 728 745) no Hoare annotation was computed. [2022-07-22 17:38:58,950 INFO L895 garLoopResultBuilder]: At program point L179(lines 174 182) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|))) [2022-07-22 17:38:58,951 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 692 715) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0))) (and (or .cse0 (not (= |old(~waterLevel~0)| 1)) (and .cse1 (= ~waterLevel~0 1))) (or .cse0 (and .cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) (not (<= 2 |old(~waterLevel~0)|))))) [2022-07-22 17:38:58,951 INFO L895 garLoopResultBuilder]: At program point L654(lines 649 656) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|))) [2022-07-22 17:38:58,951 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 692 715) no Hoare annotation was computed. [2022-07-22 17:38:58,951 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 653) no Hoare annotation was computed. [2022-07-22 17:38:58,951 INFO L899 garLoopResultBuilder]: For program point L101(lines 101 105) no Hoare annotation was computed. [2022-07-22 17:38:58,951 INFO L895 garLoopResultBuilder]: At program point L836(lines 821 839) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|))) [2022-07-22 17:38:58,951 INFO L895 garLoopResultBuilder]: At program point L101-2(lines 97 108) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|))) [2022-07-22 17:38:58,951 INFO L902 garLoopResultBuilder]: At program point L192(line 192) the Hoare annotation is: true [2022-07-22 17:38:58,951 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 186 215) no Hoare annotation was computed. [2022-07-22 17:38:58,951 INFO L899 garLoopResultBuilder]: For program point L192-1(line 192) no Hoare annotation was computed. [2022-07-22 17:38:58,951 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 186 215) the Hoare annotation is: true [2022-07-22 17:38:58,951 INFO L902 garLoopResultBuilder]: At program point L211(lines 186 215) the Hoare annotation is: true [2022-07-22 17:38:58,951 INFO L899 garLoopResultBuilder]: For program point L207(line 207) no Hoare annotation was computed. [2022-07-22 17:38:58,952 INFO L899 garLoopResultBuilder]: For program point L200(lines 200 204) no Hoare annotation was computed. [2022-07-22 17:38:58,952 INFO L902 garLoopResultBuilder]: At program point L200-1(lines 200 204) the Hoare annotation is: true [2022-07-22 17:38:58,952 INFO L899 garLoopResultBuilder]: For program point L197(line 197) no Hoare annotation was computed. [2022-07-22 17:38:58,952 INFO L902 garLoopResultBuilder]: At program point L196-2(lines 196 210) the Hoare annotation is: true [2022-07-22 17:38:58,952 INFO L902 garLoopResultBuilder]: At program point L927(lines 864 931) the Hoare annotation is: true [2022-07-22 17:38:58,952 INFO L899 garLoopResultBuilder]: For program point L894(lines 894 900) no Hoare annotation was computed. [2022-07-22 17:38:58,952 INFO L899 garLoopResultBuilder]: For program point L894-1(lines 894 900) no Hoare annotation was computed. [2022-07-22 17:38:58,952 INFO L895 garLoopResultBuilder]: At program point L886(line 886) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and (= ~waterLevel~0 |ULTIMATE.start_main_~tmp~0#1|) .cse0 (= |ULTIMATE.start_valid_product_#res#1| ~waterLevel~0) .cse1 (= ~waterLevel~0 1)) (and .cse0 (<= 2 ~waterLevel~0) .cse1))) [2022-07-22 17:38:58,952 INFO L899 garLoopResultBuilder]: For program point L-1(line -1) no Hoare annotation was computed. [2022-07-22 17:38:58,952 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startENTRY(line -1) no Hoare annotation was computed. [2022-07-22 17:38:58,952 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startFINAL(line -1) no Hoare annotation was computed. [2022-07-22 17:38:58,952 INFO L895 garLoopResultBuilder]: At program point L924(lines 873 925) the Hoare annotation is: false [2022-07-22 17:38:58,952 INFO L899 garLoopResultBuilder]: For program point L912(lines 912 918) no Hoare annotation was computed. [2022-07-22 17:38:58,952 INFO L895 garLoopResultBuilder]: At program point L846(line 846) the Hoare annotation is: false [2022-07-22 17:38:58,953 INFO L895 garLoopResultBuilder]: At program point L912-2(lines 904 919) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and (= ~waterLevel~0 |ULTIMATE.start_main_~tmp~0#1|) .cse0 (= |ULTIMATE.start_valid_product_#res#1| ~waterLevel~0) .cse1 (= ~waterLevel~0 1)) (and .cse0 (<= 2 ~waterLevel~0) .cse1))) [2022-07-22 17:38:58,953 INFO L899 garLoopResultBuilder]: For program point L875(lines 874 923) no Hoare annotation was computed. [2022-07-22 17:38:58,953 INFO L899 garLoopResultBuilder]: For program point L904(lines 904 919) no Hoare annotation was computed. [2022-07-22 17:38:58,953 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-07-22 17:38:58,953 INFO L895 garLoopResultBuilder]: At program point L896(line 896) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and (= ~waterLevel~0 |ULTIMATE.start_main_~tmp~0#1|) .cse0 (= |ULTIMATE.start_valid_product_#res#1| ~waterLevel~0) .cse1 (= ~waterLevel~0 1)) (and .cse0 (<= 2 ~waterLevel~0) .cse1))) [2022-07-22 17:38:58,953 INFO L902 garLoopResultBuilder]: At program point L256(lines 249 258) the Hoare annotation is: true [2022-07-22 17:38:58,953 INFO L895 garLoopResultBuilder]: At program point L921(lines 874 923) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and (= ~waterLevel~0 |ULTIMATE.start_main_~tmp~0#1|) .cse0 (= |ULTIMATE.start_valid_product_#res#1| ~waterLevel~0) .cse1 (= ~waterLevel~0 1)) (and .cse0 (<= 2 ~waterLevel~0) .cse1))) [2022-07-22 17:38:58,953 INFO L899 garLoopResultBuilder]: For program point L884(lines 884 890) no Hoare annotation was computed. [2022-07-22 17:38:58,953 INFO L895 garLoopResultBuilder]: At program point L83(lines 78 86) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-22 17:38:58,953 INFO L899 garLoopResultBuilder]: For program point L884-1(lines 884 890) no Hoare annotation was computed. [2022-07-22 17:38:58,953 INFO L899 garLoopResultBuilder]: For program point L269(lines 269 276) no Hoare annotation was computed. [2022-07-22 17:38:58,953 INFO L899 garLoopResultBuilder]: For program point L876(lines 876 880) no Hoare annotation was computed. [2022-07-22 17:38:58,953 INFO L895 garLoopResultBuilder]: At program point L75(lines 71 77) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-22 17:38:58,953 INFO L899 garLoopResultBuilder]: For program point L269-2(lines 269 276) no Hoare annotation was computed. [2022-07-22 17:38:58,954 INFO L895 garLoopResultBuilder]: At program point L860(lines 855 862) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 (<= 2 ~waterLevel~0) .cse1 .cse2) (and (= ~waterLevel~0 |ULTIMATE.start_main_~tmp~0#1|) .cse0 (= |ULTIMATE.start_valid_product_#res#1| ~waterLevel~0) .cse1 .cse2 (= ~waterLevel~0 1)))) [2022-07-22 17:38:58,954 INFO L902 garLoopResultBuilder]: At program point L278(lines 259 281) the Hoare annotation is: true [2022-07-22 17:38:58,954 INFO L895 garLoopResultBuilder]: At program point L245(lines 241 247) the Hoare annotation is: (and (= |ULTIMATE.start_main_~tmp~0#1| ~systemActive~0) (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-22 17:38:58,954 INFO L895 garLoopResultBuilder]: At program point L852(lines 840 854) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and (= ~waterLevel~0 |ULTIMATE.start_main_~tmp~0#1|) .cse0 (= |ULTIMATE.start_valid_product_#res#1| ~waterLevel~0) .cse1 (= ~waterLevel~0 1)) (and .cse0 (<= 2 ~waterLevel~0) .cse1))) [2022-07-22 17:38:58,954 INFO L899 garLoopResultBuilder]: For program point L844(lines 844 850) no Hoare annotation was computed. [2022-07-22 17:38:58,954 INFO L899 garLoopResultBuilder]: For program point L844-1(lines 844 850) no Hoare annotation was computed. [2022-07-22 17:38:58,954 INFO L895 garLoopResultBuilder]: At program point L68(lines 64 70) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-22 17:38:58,954 INFO L899 garLoopResultBuilder]: For program point L113-1(lines 109 120) no Hoare annotation was computed. [2022-07-22 17:38:58,954 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 109 120) no Hoare annotation was computed. [2022-07-22 17:38:58,954 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 109 120) the Hoare annotation is: (let ((.cse0 (not (= ~pumpRunning~0 0)))) (and (or .cse0 (= |old(~waterLevel~0)| ~waterLevel~0) (not (<= 2 |old(~waterLevel~0)|))) (or .cse0 (not (= |old(~waterLevel~0)| 1)) (= ~waterLevel~0 1)))) [2022-07-22 17:38:58,956 INFO L356 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1] [2022-07-22 17:38:58,958 INFO L176 ceAbstractionStarter]: Computing trace abstraction results [2022-07-22 17:38:58,988 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 22.07 05:38:58 BoogieIcfgContainer [2022-07-22 17:38:58,988 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-07-22 17:38:58,988 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-07-22 17:38:58,988 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-07-22 17:38:58,989 INFO L275 PluginConnector]: Witness Printer initialized [2022-07-22 17:38:58,989 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 22.07 05:38:56" (3/4) ... [2022-07-22 17:38:58,991 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-07-22 17:38:58,995 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2022-07-22 17:38:58,995 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-07-22 17:38:58,996 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-07-22 17:38:58,996 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-07-22 17:38:58,996 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-07-22 17:38:58,996 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-07-22 17:38:59,004 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 50 nodes and edges [2022-07-22 17:38:59,019 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 22 nodes and edges [2022-07-22 17:38:59,019 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 11 nodes and edges [2022-07-22 17:38:59,020 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-07-22 17:38:59,020 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 2 nodes and edges [2022-07-22 17:38:59,020 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-07-22 17:38:59,020 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-07-22 17:38:59,035 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((pumpRunning == 0 && 1 == systemActive) && \result == systemActive) && waterLevel == 1 [2022-07-22 17:38:59,035 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((tmp == systemActive && pumpRunning == 0) && 1 == systemActive) && \result == systemActive) && waterLevel == 1 [2022-07-22 17:38:59,036 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((waterLevel == tmp && pumpRunning == 0) && \result == waterLevel) && splverifierCounter == 0) && waterLevel == 1) || ((pumpRunning == 0 && 2 <= waterLevel) && splverifierCounter == 0) [2022-07-22 17:38:59,036 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) [2022-07-22 17:38:59,036 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((pumpRunning == 0 && waterLevel == 1) && !(0 == systemActive)) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) && ((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && !(0 == systemActive))) || !(2 <= \old(waterLevel))) [2022-07-22 17:38:59,036 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((pumpRunning == 0 && 2 <= waterLevel) && 1 == systemActive) && splverifierCounter == 0) || (((((waterLevel == tmp && pumpRunning == 0) && \result == waterLevel) && 1 == systemActive) && splverifierCounter == 0) && waterLevel == 1) [2022-07-22 17:38:59,037 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && !(\result == 0)) && \old(waterLevel) == waterLevel)) || !(2 <= \old(waterLevel))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || ((pumpRunning == 0 && !(\result == 0)) && waterLevel == 1)) [2022-07-22 17:38:59,037 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((waterLevel == tmp && pumpRunning == 0) && \result == waterLevel) && splverifierCounter == 0) && waterLevel == 1) || ((pumpRunning == 0 && 2 <= waterLevel) && splverifierCounter == 0) [2022-07-22 17:38:59,037 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (((pumpRunning == 0 && !(tmp == 0)) && !(\result == 0)) && waterLevel == 1)) && ((!(\old(pumpRunning) == 0) || (((pumpRunning == 0 && !(tmp == 0)) && !(\result == 0)) && \old(waterLevel) == waterLevel)) || !(2 <= \old(waterLevel))) [2022-07-22 17:38:59,037 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) [2022-07-22 17:38:59,037 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) [2022-07-22 17:38:59,037 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) [2022-07-22 17:38:59,037 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) [2022-07-22 17:38:59,048 INFO L141 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2022-07-22 17:38:59,049 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-07-22 17:38:59,049 INFO L158 Benchmark]: Toolchain (without parser) took 3633.79ms. Allocated memory was 119.5MB in the beginning and 144.7MB in the end (delta: 25.2MB). Free memory was 89.9MB in the beginning and 85.8MB in the end (delta: 4.1MB). Peak memory consumption was 28.0MB. Max. memory is 16.1GB. [2022-07-22 17:38:59,049 INFO L158 Benchmark]: CDTParser took 0.17ms. Allocated memory is still 119.5MB. Free memory is still 74.5MB. There was no memory consumed. Max. memory is 16.1GB. [2022-07-22 17:38:59,049 INFO L158 Benchmark]: CACSL2BoogieTranslator took 304.95ms. Allocated memory is still 119.5MB. Free memory was 89.6MB in the beginning and 85.3MB in the end (delta: 4.3MB). Peak memory consumption was 9.2MB. Max. memory is 16.1GB. [2022-07-22 17:38:59,049 INFO L158 Benchmark]: Boogie Procedure Inliner took 49.16ms. Allocated memory is still 119.5MB. Free memory was 85.3MB in the beginning and 82.7MB in the end (delta: 2.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-07-22 17:38:59,050 INFO L158 Benchmark]: Boogie Preprocessor took 31.02ms. Allocated memory is still 119.5MB. Free memory was 82.7MB in the beginning and 81.5MB in the end (delta: 1.2MB). There was no memory consumed. Max. memory is 16.1GB. [2022-07-22 17:38:59,050 INFO L158 Benchmark]: RCFGBuilder took 335.15ms. Allocated memory is still 119.5MB. Free memory was 81.2MB in the beginning and 65.7MB in the end (delta: 15.6MB). Peak memory consumption was 14.7MB. Max. memory is 16.1GB. [2022-07-22 17:38:59,050 INFO L158 Benchmark]: TraceAbstraction took 2843.28ms. Allocated memory was 119.5MB in the beginning and 144.7MB in the end (delta: 25.2MB). Free memory was 65.4MB in the beginning and 91.1MB in the end (delta: -25.7MB). Peak memory consumption was 46.0MB. Max. memory is 16.1GB. [2022-07-22 17:38:59,050 INFO L158 Benchmark]: Witness Printer took 60.27ms. Allocated memory is still 144.7MB. Free memory was 91.1MB in the beginning and 85.8MB in the end (delta: 5.2MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2022-07-22 17:38:59,051 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.17ms. Allocated memory is still 119.5MB. Free memory is still 74.5MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 304.95ms. Allocated memory is still 119.5MB. Free memory was 89.6MB in the beginning and 85.3MB in the end (delta: 4.3MB). Peak memory consumption was 9.2MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 49.16ms. Allocated memory is still 119.5MB. Free memory was 85.3MB in the beginning and 82.7MB in the end (delta: 2.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 31.02ms. Allocated memory is still 119.5MB. Free memory was 82.7MB in the beginning and 81.5MB in the end (delta: 1.2MB). There was no memory consumed. Max. memory is 16.1GB. * RCFGBuilder took 335.15ms. Allocated memory is still 119.5MB. Free memory was 81.2MB in the beginning and 65.7MB in the end (delta: 15.6MB). Peak memory consumption was 14.7MB. Max. memory is 16.1GB. * TraceAbstraction took 2843.28ms. Allocated memory was 119.5MB in the beginning and 144.7MB in the end (delta: 25.2MB). Free memory was 65.4MB in the beginning and 91.1MB in the end (delta: -25.7MB). Peak memory consumption was 46.0MB. Max. memory is 16.1GB. * Witness Printer took 60.27ms. Allocated memory is still 144.7MB. Free memory was 91.1MB in the beginning and 85.8MB in the end (delta: 5.2MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 653]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 7 procedures, 77 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 2.7s, OverallIterations: 6, TraceHistogramMax: 2, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 0.6s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.7s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 549 SdHoareTripleChecker+Valid, 0.3s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 545 mSDsluCounter, 1579 SdHoareTripleChecker+Invalid, 0.2s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 1114 mSDsCounter, 99 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 405 IncrementalHoareTripleChecker+Invalid, 504 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 99 mSolverCounterUnsat, 465 mSDtfsCounter, 405 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 153 GetRequests, 114 SyntacticMatches, 1 SemanticMatches, 38 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 60 ImplicationChecksByTransitivity, 0.2s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=378occurred in iteration=4, InterpolantAutomatonStates: 32, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.1s AutomataMinimizationTime, 6 MinimizatonAttempts, 43 StatesRemovedByMinimization, 3 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 36 LocationsWithAnnotation, 486 PreInvPairs, 546 NumberOfFragments, 523 HoareAnnotationTreeSize, 486 FomulaSimplifications, 289 FormulaSimplificationTreeSizeReduction, 0.1s HoareSimplificationTime, 36 FomulaSimplificationsInter, 2313 FormulaSimplificationTreeSizeReductionInter, 0.6s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.1s SatisfiabilityAnalysisTime, 0.7s InterpolantComputationTime, 230 NumberOfCodeBlocks, 230 NumberOfCodeBlocksAsserted, 7 NumberOfCheckSat, 276 ConstructedInterpolants, 0 QuantifiedInterpolants, 753 SizeOfPredicates, 0 NumberOfNonLiveVariables, 370 ConjunctsInSsa, 9 ConjunctsInUnsatCore, 8 InterpolantComputations, 5 PerfectInterpolantSequences, 51/57 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 873]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 249]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 97]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) - InvariantResult [Line: 174]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) - InvariantResult [Line: 659]: Loop Invariant Derived loop invariant: ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (((pumpRunning == 0 && !(tmp == 0)) && !(\result == 0)) && waterLevel == 1)) && ((!(\old(pumpRunning) == 0) || (((pumpRunning == 0 && !(tmp == 0)) && !(\result == 0)) && \old(waterLevel) == waterLevel)) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 78]: Loop Invariant Derived loop invariant: ((pumpRunning == 0 && 1 == systemActive) && \result == systemActive) && waterLevel == 1 - InvariantResult [Line: 855]: Loop Invariant Derived loop invariant: (((pumpRunning == 0 && 2 <= waterLevel) && 1 == systemActive) && splverifierCounter == 0) || (((((waterLevel == tmp && pumpRunning == 0) && \result == waterLevel) && 1 == systemActive) && splverifierCounter == 0) && waterLevel == 1) - InvariantResult [Line: 64]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 165]: Loop Invariant Derived loop invariant: ((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && !(\result == 0)) && \old(waterLevel) == waterLevel)) || !(2 <= \old(waterLevel))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || ((pumpRunning == 0 && !(\result == 0)) && waterLevel == 1)) - InvariantResult [Line: 776]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) - InvariantResult [Line: 724]: Loop Invariant Derived loop invariant: ((((pumpRunning == 0 && waterLevel == 1) && !(0 == systemActive)) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) && ((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && !(0 == systemActive))) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 649]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) - InvariantResult [Line: 874]: Loop Invariant Derived loop invariant: ((((waterLevel == tmp && pumpRunning == 0) && \result == waterLevel) && splverifierCounter == 0) && waterLevel == 1) || ((pumpRunning == 0 && 2 <= waterLevel) && splverifierCounter == 0) - InvariantResult [Line: 821]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) - InvariantResult [Line: 71]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 241]: Loop Invariant Derived loop invariant: (((tmp == systemActive && pumpRunning == 0) && 1 == systemActive) && \result == systemActive) && waterLevel == 1 - InvariantResult [Line: 196]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 864]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 186]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 840]: Loop Invariant Derived loop invariant: ((((waterLevel == tmp && pumpRunning == 0) && \result == waterLevel) && splverifierCounter == 0) && waterLevel == 1) || ((pumpRunning == 0 && 2 <= waterLevel) && splverifierCounter == 0) - InvariantResult [Line: 259]: Loop Invariant Derived loop invariant: 1 RESULT: Ultimate proved your program to be correct! [2022-07-22 17:38:59,079 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE