./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec2_product32.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version eb692b52 Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec2_product32.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 2b0f126ee4d94a96683a291e8cdda3d32342b26980ee5a2243ede6664f8cbf9b --- Real Ultimate output --- This is Ultimate 0.2.2-?-eb692b5 [2022-07-19 17:23:45,843 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-07-19 17:23:45,849 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-07-19 17:23:45,891 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-07-19 17:23:45,892 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-07-19 17:23:45,893 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-07-19 17:23:45,894 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-07-19 17:23:45,896 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-07-19 17:23:45,898 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-07-19 17:23:45,901 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-07-19 17:23:45,902 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-07-19 17:23:45,903 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-07-19 17:23:45,903 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-07-19 17:23:45,905 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-07-19 17:23:45,906 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-07-19 17:23:45,908 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-07-19 17:23:45,909 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-07-19 17:23:45,910 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-07-19 17:23:45,911 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-07-19 17:23:45,915 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-07-19 17:23:45,916 INFO L181 SettingsManager]: Resetting HornVerifier preferences to default values [2022-07-19 17:23:45,917 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-07-19 17:23:45,918 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-07-19 17:23:45,918 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-07-19 17:23:45,920 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-07-19 17:23:45,925 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-07-19 17:23:45,925 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-07-19 17:23:45,926 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-07-19 17:23:45,926 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-07-19 17:23:45,927 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-07-19 17:23:45,928 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-07-19 17:23:45,929 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-07-19 17:23:45,930 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-07-19 17:23:45,930 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-07-19 17:23:45,931 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-07-19 17:23:45,932 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-07-19 17:23:45,932 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-07-19 17:23:45,932 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-07-19 17:23:45,932 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-07-19 17:23:45,933 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-07-19 17:23:45,933 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-07-19 17:23:45,935 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-07-19 17:23:45,936 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2022-07-19 17:23:45,965 INFO L113 SettingsManager]: Loading preferences was successful [2022-07-19 17:23:45,965 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-07-19 17:23:45,966 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-07-19 17:23:45,966 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-07-19 17:23:45,966 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-07-19 17:23:45,966 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-07-19 17:23:45,967 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-07-19 17:23:45,967 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-07-19 17:23:45,967 INFO L138 SettingsManager]: * Use SBE=true [2022-07-19 17:23:45,968 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-07-19 17:23:45,968 INFO L138 SettingsManager]: * sizeof long=4 [2022-07-19 17:23:45,968 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-07-19 17:23:45,968 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-07-19 17:23:45,968 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-07-19 17:23:45,969 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-07-19 17:23:45,969 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-07-19 17:23:45,969 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-07-19 17:23:45,969 INFO L138 SettingsManager]: * sizeof long double=12 [2022-07-19 17:23:45,969 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-07-19 17:23:45,970 INFO L138 SettingsManager]: * Use constant arrays=true [2022-07-19 17:23:45,970 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-07-19 17:23:45,970 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-07-19 17:23:45,971 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-07-19 17:23:45,971 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-07-19 17:23:45,971 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-07-19 17:23:45,971 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-07-19 17:23:45,971 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-07-19 17:23:45,971 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-07-19 17:23:45,972 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-07-19 17:23:45,972 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-07-19 17:23:45,972 INFO L138 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2022-07-19 17:23:45,972 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-07-19 17:23:45,972 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-07-19 17:23:45,972 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 2b0f126ee4d94a96683a291e8cdda3d32342b26980ee5a2243ede6664f8cbf9b [2022-07-19 17:23:46,164 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-07-19 17:23:46,189 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-07-19 17:23:46,191 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-07-19 17:23:46,192 INFO L271 PluginConnector]: Initializing CDTParser... [2022-07-19 17:23:46,192 INFO L275 PluginConnector]: CDTParser initialized [2022-07-19 17:23:46,193 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec2_product32.cil.c [2022-07-19 17:23:46,242 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/7ef3d9706/2781b166b3db471e81d67f980cbf3f31/FLAGad4d85455 [2022-07-19 17:23:46,565 INFO L306 CDTParser]: Found 1 translation units. [2022-07-19 17:23:46,565 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec2_product32.cil.c [2022-07-19 17:23:46,572 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/7ef3d9706/2781b166b3db471e81d67f980cbf3f31/FLAGad4d85455 [2022-07-19 17:23:46,966 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/7ef3d9706/2781b166b3db471e81d67f980cbf3f31 [2022-07-19 17:23:46,968 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-07-19 17:23:46,969 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-07-19 17:23:46,972 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-07-19 17:23:46,973 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-07-19 17:23:46,976 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-07-19 17:23:46,977 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 19.07 05:23:46" (1/1) ... [2022-07-19 17:23:46,977 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@42f8a765 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:23:46, skipping insertion in model container [2022-07-19 17:23:46,977 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 19.07 05:23:46" (1/1) ... [2022-07-19 17:23:46,982 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-07-19 17:23:47,008 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-07-19 17:23:47,156 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec2_product32.cil.c[1605,1618] [2022-07-19 17:23:47,285 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-07-19 17:23:47,291 INFO L203 MainTranslator]: Completed pre-run [2022-07-19 17:23:47,299 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec2_product32.cil.c[1605,1618] [2022-07-19 17:23:47,341 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-07-19 17:23:47,361 INFO L208 MainTranslator]: Completed translation [2022-07-19 17:23:47,361 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:23:47 WrapperNode [2022-07-19 17:23:47,361 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-07-19 17:23:47,362 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-07-19 17:23:47,362 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-07-19 17:23:47,362 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-07-19 17:23:47,368 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:23:47" (1/1) ... [2022-07-19 17:23:47,386 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:23:47" (1/1) ... [2022-07-19 17:23:47,404 INFO L137 Inliner]: procedures = 57, calls = 159, calls flagged for inlining = 22, calls inlined = 18, statements flattened = 238 [2022-07-19 17:23:47,409 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-07-19 17:23:47,410 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-07-19 17:23:47,410 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-07-19 17:23:47,410 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-07-19 17:23:47,416 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:23:47" (1/1) ... [2022-07-19 17:23:47,417 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:23:47" (1/1) ... [2022-07-19 17:23:47,426 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:23:47" (1/1) ... [2022-07-19 17:23:47,429 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:23:47" (1/1) ... [2022-07-19 17:23:47,433 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:23:47" (1/1) ... [2022-07-19 17:23:47,441 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:23:47" (1/1) ... [2022-07-19 17:23:47,447 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:23:47" (1/1) ... [2022-07-19 17:23:47,449 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-07-19 17:23:47,449 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-07-19 17:23:47,450 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-07-19 17:23:47,451 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-07-19 17:23:47,460 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:23:47" (1/1) ... [2022-07-19 17:23:47,465 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-07-19 17:23:47,474 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-07-19 17:23:47,488 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-07-19 17:23:47,491 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-07-19 17:23:47,518 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-07-19 17:23:47,518 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-07-19 17:23:47,518 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-07-19 17:23:47,518 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2022-07-19 17:23:47,518 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2022-07-19 17:23:47,518 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-07-19 17:23:47,518 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-07-19 17:23:47,519 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-07-19 17:23:47,519 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-07-19 17:23:47,519 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-07-19 17:23:47,519 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-07-19 17:23:47,519 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__methaneQuery [2022-07-19 17:23:47,519 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__methaneQuery [2022-07-19 17:23:47,519 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2022-07-19 17:23:47,520 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2022-07-19 17:23:47,520 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2022-07-19 17:23:47,520 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2022-07-19 17:23:47,520 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-07-19 17:23:47,520 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-07-19 17:23:47,520 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-07-19 17:23:47,520 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-07-19 17:23:47,520 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-07-19 17:23:47,589 INFO L234 CfgBuilder]: Building ICFG [2022-07-19 17:23:47,590 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-07-19 17:23:47,856 INFO L275 CfgBuilder]: Performing block encoding [2022-07-19 17:23:47,862 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-07-19 17:23:47,862 INFO L299 CfgBuilder]: Removed 2 assume(true) statements. [2022-07-19 17:23:47,863 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 19.07 05:23:47 BoogieIcfgContainer [2022-07-19 17:23:47,865 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-07-19 17:23:47,867 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-07-19 17:23:47,867 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-07-19 17:23:47,870 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-07-19 17:23:47,870 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 19.07 05:23:46" (1/3) ... [2022-07-19 17:23:47,871 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@2847d1ff and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 19.07 05:23:47, skipping insertion in model container [2022-07-19 17:23:47,871 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:23:47" (2/3) ... [2022-07-19 17:23:47,871 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@2847d1ff and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 19.07 05:23:47, skipping insertion in model container [2022-07-19 17:23:47,872 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 19.07 05:23:47" (3/3) ... [2022-07-19 17:23:47,873 INFO L111 eAbstractionObserver]: Analyzing ICFG minepump_spec2_product32.cil.c [2022-07-19 17:23:47,884 INFO L201 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-07-19 17:23:47,885 INFO L160 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-07-19 17:23:47,935 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-07-19 17:23:47,942 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=de.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings@65e12671, mLbeIndependenceSettings=de.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings@d57a619 [2022-07-19 17:23:47,942 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-07-19 17:23:47,953 INFO L276 IsEmpty]: Start isEmpty. Operand has 98 states, 71 states have (on average 1.3661971830985915) internal successors, (97), 80 states have internal predecessors, (97), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 12 states have call predecessors, (16), 16 states have call successors, (16) [2022-07-19 17:23:47,961 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2022-07-19 17:23:47,962 INFO L187 NwaCegarLoop]: Found error trace [2022-07-19 17:23:47,962 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-19 17:23:47,963 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-19 17:23:47,968 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-19 17:23:47,968 INFO L85 PathProgramCache]: Analyzing trace with hash -905457996, now seen corresponding path program 1 times [2022-07-19 17:23:47,974 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-19 17:23:47,975 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1186640970] [2022-07-19 17:23:47,975 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-19 17:23:47,975 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-19 17:23:48,108 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:23:48,163 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2022-07-19 17:23:48,165 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:23:48,167 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-19 17:23:48,168 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-19 17:23:48,168 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1186640970] [2022-07-19 17:23:48,169 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1186640970] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-19 17:23:48,169 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-19 17:23:48,169 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-07-19 17:23:48,170 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [802136385] [2022-07-19 17:23:48,171 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-19 17:23:48,173 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-07-19 17:23:48,173 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-19 17:23:48,206 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-07-19 17:23:48,206 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-07-19 17:23:48,208 INFO L87 Difference]: Start difference. First operand has 98 states, 71 states have (on average 1.3661971830985915) internal successors, (97), 80 states have internal predecessors, (97), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 12 states have call predecessors, (16), 16 states have call successors, (16) Second operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-07-19 17:23:48,229 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-19 17:23:48,230 INFO L93 Difference]: Finished difference Result 187 states and 252 transitions. [2022-07-19 17:23:48,230 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-07-19 17:23:48,231 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2022-07-19 17:23:48,231 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-19 17:23:48,237 INFO L225 Difference]: With dead ends: 187 [2022-07-19 17:23:48,237 INFO L226 Difference]: Without dead ends: 89 [2022-07-19 17:23:48,239 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-07-19 17:23:48,242 INFO L413 NwaCegarLoop]: 123 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 123 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-19 17:23:48,243 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 123 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-19 17:23:48,253 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 89 states. [2022-07-19 17:23:48,279 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 89 to 89. [2022-07-19 17:23:48,280 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 89 states, 64 states have (on average 1.296875) internal successors, (83), 72 states have internal predecessors, (83), 16 states have call successors, (16), 9 states have call predecessors, (16), 8 states have return successors, (15), 11 states have call predecessors, (15), 15 states have call successors, (15) [2022-07-19 17:23:48,283 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 89 states to 89 states and 114 transitions. [2022-07-19 17:23:48,284 INFO L78 Accepts]: Start accepts. Automaton has 89 states and 114 transitions. Word has length 25 [2022-07-19 17:23:48,284 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-19 17:23:48,284 INFO L495 AbstractCegarLoop]: Abstraction has 89 states and 114 transitions. [2022-07-19 17:23:48,285 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-07-19 17:23:48,285 INFO L276 IsEmpty]: Start isEmpty. Operand 89 states and 114 transitions. [2022-07-19 17:23:48,287 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2022-07-19 17:23:48,287 INFO L187 NwaCegarLoop]: Found error trace [2022-07-19 17:23:48,287 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-19 17:23:48,287 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-07-19 17:23:48,287 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-19 17:23:48,288 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-19 17:23:48,288 INFO L85 PathProgramCache]: Analyzing trace with hash 1775513804, now seen corresponding path program 1 times [2022-07-19 17:23:48,288 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-19 17:23:48,288 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1047754337] [2022-07-19 17:23:48,289 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-19 17:23:48,289 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-19 17:23:48,304 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:23:48,335 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 16 [2022-07-19 17:23:48,338 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:23:48,342 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-19 17:23:48,344 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-19 17:23:48,344 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1047754337] [2022-07-19 17:23:48,344 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1047754337] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-19 17:23:48,344 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-19 17:23:48,344 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-07-19 17:23:48,345 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1658383924] [2022-07-19 17:23:48,345 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-19 17:23:48,346 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-07-19 17:23:48,346 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-19 17:23:48,347 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-07-19 17:23:48,348 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-19 17:23:48,348 INFO L87 Difference]: Start difference. First operand 89 states and 114 transitions. Second operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-07-19 17:23:48,367 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-19 17:23:48,369 INFO L93 Difference]: Finished difference Result 138 states and 176 transitions. [2022-07-19 17:23:48,369 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-07-19 17:23:48,369 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2022-07-19 17:23:48,370 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-19 17:23:48,373 INFO L225 Difference]: With dead ends: 138 [2022-07-19 17:23:48,373 INFO L226 Difference]: Without dead ends: 80 [2022-07-19 17:23:48,375 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-19 17:23:48,377 INFO L413 NwaCegarLoop]: 101 mSDtfsCounter, 17 mSDsluCounter, 79 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 21 SdHoareTripleChecker+Valid, 180 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-19 17:23:48,378 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [21 Valid, 180 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-19 17:23:48,379 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 80 states. [2022-07-19 17:23:48,386 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 80 to 80. [2022-07-19 17:23:48,388 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 80 states, 58 states have (on average 1.3103448275862069) internal successors, (76), 66 states have internal predecessors, (76), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 9 states have call predecessors, (13), 13 states have call successors, (13) [2022-07-19 17:23:48,389 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 80 states to 80 states and 102 transitions. [2022-07-19 17:23:48,389 INFO L78 Accepts]: Start accepts. Automaton has 80 states and 102 transitions. Word has length 26 [2022-07-19 17:23:48,389 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-19 17:23:48,389 INFO L495 AbstractCegarLoop]: Abstraction has 80 states and 102 transitions. [2022-07-19 17:23:48,389 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-07-19 17:23:48,390 INFO L276 IsEmpty]: Start isEmpty. Operand 80 states and 102 transitions. [2022-07-19 17:23:48,391 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 32 [2022-07-19 17:23:48,392 INFO L187 NwaCegarLoop]: Found error trace [2022-07-19 17:23:48,392 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-19 17:23:48,392 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-07-19 17:23:48,392 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-19 17:23:48,392 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-19 17:23:48,393 INFO L85 PathProgramCache]: Analyzing trace with hash -775116306, now seen corresponding path program 1 times [2022-07-19 17:23:48,393 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-19 17:23:48,393 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [316827658] [2022-07-19 17:23:48,393 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-19 17:23:48,393 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-19 17:23:48,412 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:23:48,451 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2022-07-19 17:23:48,452 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:23:48,454 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-19 17:23:48,454 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-19 17:23:48,454 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [316827658] [2022-07-19 17:23:48,454 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [316827658] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-19 17:23:48,454 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-19 17:23:48,455 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-07-19 17:23:48,455 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [416045609] [2022-07-19 17:23:48,455 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-19 17:23:48,455 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-07-19 17:23:48,455 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-19 17:23:48,456 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-07-19 17:23:48,460 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-19 17:23:48,460 INFO L87 Difference]: Start difference. First operand 80 states and 102 transitions. Second operand has 3 states, 3 states have (on average 9.333333333333334) internal successors, (28), 3 states have internal predecessors, (28), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-07-19 17:23:48,479 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-19 17:23:48,480 INFO L93 Difference]: Finished difference Result 222 states and 289 transitions. [2022-07-19 17:23:48,480 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-07-19 17:23:48,480 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.333333333333334) internal successors, (28), 3 states have internal predecessors, (28), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 31 [2022-07-19 17:23:48,480 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-19 17:23:48,481 INFO L225 Difference]: With dead ends: 222 [2022-07-19 17:23:48,481 INFO L226 Difference]: Without dead ends: 150 [2022-07-19 17:23:48,482 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-19 17:23:48,483 INFO L413 NwaCegarLoop]: 127 mSDtfsCounter, 79 mSDsluCounter, 89 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 79 SdHoareTripleChecker+Valid, 216 SdHoareTripleChecker+Invalid, 6 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-19 17:23:48,483 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [79 Valid, 216 Invalid, 6 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-19 17:23:48,492 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 150 states. [2022-07-19 17:23:48,505 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 150 to 147. [2022-07-19 17:23:48,510 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 147 states, 104 states have (on average 1.3365384615384615) internal successors, (139), 119 states have internal predecessors, (139), 26 states have call successors, (26), 16 states have call predecessors, (26), 16 states have return successors, (26), 17 states have call predecessors, (26), 26 states have call successors, (26) [2022-07-19 17:23:48,513 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 147 states to 147 states and 191 transitions. [2022-07-19 17:23:48,513 INFO L78 Accepts]: Start accepts. Automaton has 147 states and 191 transitions. Word has length 31 [2022-07-19 17:23:48,514 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-19 17:23:48,514 INFO L495 AbstractCegarLoop]: Abstraction has 147 states and 191 transitions. [2022-07-19 17:23:48,514 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.333333333333334) internal successors, (28), 3 states have internal predecessors, (28), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-07-19 17:23:48,514 INFO L276 IsEmpty]: Start isEmpty. Operand 147 states and 191 transitions. [2022-07-19 17:23:48,516 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 35 [2022-07-19 17:23:48,516 INFO L187 NwaCegarLoop]: Found error trace [2022-07-19 17:23:48,517 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-19 17:23:48,517 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-07-19 17:23:48,517 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-19 17:23:48,517 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-19 17:23:48,518 INFO L85 PathProgramCache]: Analyzing trace with hash -471183706, now seen corresponding path program 1 times [2022-07-19 17:23:48,518 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-19 17:23:48,518 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1790378185] [2022-07-19 17:23:48,518 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-19 17:23:48,518 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-19 17:23:48,552 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:23:48,599 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2022-07-19 17:23:48,600 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:23:48,602 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-19 17:23:48,602 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-19 17:23:48,602 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1790378185] [2022-07-19 17:23:48,602 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1790378185] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-19 17:23:48,602 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-19 17:23:48,612 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-07-19 17:23:48,619 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [105545475] [2022-07-19 17:23:48,619 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-19 17:23:48,620 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-07-19 17:23:48,621 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-19 17:23:48,621 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-07-19 17:23:48,621 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-07-19 17:23:48,622 INFO L87 Difference]: Start difference. First operand 147 states and 191 transitions. Second operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-07-19 17:23:48,667 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-19 17:23:48,670 INFO L93 Difference]: Finished difference Result 242 states and 315 transitions. [2022-07-19 17:23:48,671 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-07-19 17:23:48,671 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 34 [2022-07-19 17:23:48,671 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-19 17:23:48,671 INFO L225 Difference]: With dead ends: 242 [2022-07-19 17:23:48,672 INFO L226 Difference]: Without dead ends: 0 [2022-07-19 17:23:48,672 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2022-07-19 17:23:48,676 INFO L413 NwaCegarLoop]: 58 mSDtfsCounter, 43 mSDsluCounter, 111 mSDsCounter, 0 mSdLazyCounter, 17 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 43 SdHoareTripleChecker+Valid, 169 SdHoareTripleChecker+Invalid, 21 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 17 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-19 17:23:48,676 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [43 Valid, 169 Invalid, 21 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 17 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-19 17:23:48,680 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-07-19 17:23:48,681 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-07-19 17:23:48,681 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-19 17:23:48,681 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-07-19 17:23:48,681 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 34 [2022-07-19 17:23:48,681 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-19 17:23:48,681 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-07-19 17:23:48,681 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-07-19 17:23:48,681 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-07-19 17:23:48,682 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-07-19 17:23:48,683 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-07-19 17:23:48,684 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-07-19 17:23:48,685 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-07-19 17:23:48,927 INFO L902 garLoopResultBuilder]: At program point deactivatePumpENTRY(lines 254 261) the Hoare annotation is: true [2022-07-19 17:23:48,927 INFO L899 garLoopResultBuilder]: For program point deactivatePumpEXIT(lines 254 261) no Hoare annotation was computed. [2022-07-19 17:23:48,927 INFO L899 garLoopResultBuilder]: For program point deactivatePumpFINAL(lines 254 261) no Hoare annotation was computed. [2022-07-19 17:23:48,927 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 170 176) no Hoare annotation was computed. [2022-07-19 17:23:48,928 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 170 176) the Hoare annotation is: true [2022-07-19 17:23:48,928 INFO L899 garLoopResultBuilder]: For program point L528-1(lines 524 535) no Hoare annotation was computed. [2022-07-19 17:23:48,928 INFO L902 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 524 535) the Hoare annotation is: true [2022-07-19 17:23:48,928 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 524 535) no Hoare annotation was computed. [2022-07-19 17:23:48,928 INFO L902 garLoopResultBuilder]: At program point isMethaneLevelCriticalENTRY(lines 536 544) the Hoare annotation is: true [2022-07-19 17:23:48,928 INFO L899 garLoopResultBuilder]: For program point isMethaneLevelCriticalFINAL(lines 536 544) no Hoare annotation was computed. [2022-07-19 17:23:48,928 INFO L899 garLoopResultBuilder]: For program point isMethaneLevelCriticalEXIT(lines 536 544) no Hoare annotation was computed. [2022-07-19 17:23:48,929 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 362 391) no Hoare annotation was computed. [2022-07-19 17:23:48,929 INFO L899 garLoopResultBuilder]: For program point L383(line 383) no Hoare annotation was computed. [2022-07-19 17:23:48,931 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 362 391) the Hoare annotation is: true [2022-07-19 17:23:48,931 INFO L899 garLoopResultBuilder]: For program point L376(lines 376 380) no Hoare annotation was computed. [2022-07-19 17:23:48,931 INFO L902 garLoopResultBuilder]: At program point L376-1(lines 376 380) the Hoare annotation is: true [2022-07-19 17:23:48,931 INFO L899 garLoopResultBuilder]: For program point L373(line 373) no Hoare annotation was computed. [2022-07-19 17:23:48,931 INFO L902 garLoopResultBuilder]: At program point L372-2(lines 372 386) the Hoare annotation is: true [2022-07-19 17:23:48,931 INFO L902 garLoopResultBuilder]: At program point L368(line 368) the Hoare annotation is: true [2022-07-19 17:23:48,931 INFO L899 garLoopResultBuilder]: For program point L368-1(line 368) no Hoare annotation was computed. [2022-07-19 17:23:48,932 INFO L902 garLoopResultBuilder]: At program point L387(lines 362 391) the Hoare annotation is: true [2022-07-19 17:23:48,932 INFO L899 garLoopResultBuilder]: For program point L609(lines 609 615) no Hoare annotation was computed. [2022-07-19 17:23:48,932 INFO L899 garLoopResultBuilder]: For program point timeShiftFINAL(lines 146 169) no Hoare annotation was computed. [2022-07-19 17:23:48,932 INFO L895 garLoopResultBuilder]: At program point L218(line 218) the Hoare annotation is: (not (= |old(~pumpRunning~0)| 0)) [2022-07-19 17:23:48,932 INFO L895 garLoopResultBuilder]: At program point L602(line 602) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0)) [2022-07-19 17:23:48,932 INFO L899 garLoopResultBuilder]: For program point L602-1(line 602) no Hoare annotation was computed. [2022-07-19 17:23:48,932 INFO L895 garLoopResultBuilder]: At program point L214(line 214) the Hoare annotation is: (not (= |old(~pumpRunning~0)| 0)) [2022-07-19 17:23:48,933 INFO L895 garLoopResultBuilder]: At program point L210(line 210) the Hoare annotation is: (not (= |old(~pumpRunning~0)| 0)) [2022-07-19 17:23:48,933 INFO L899 garLoopResultBuilder]: For program point L210-1(line 210) no Hoare annotation was computed. [2022-07-19 17:23:48,933 INFO L895 garLoopResultBuilder]: At program point L223(line 223) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0)) [2022-07-19 17:23:48,933 INFO L895 garLoopResultBuilder]: At program point L223-1(lines 204 228) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0)) [2022-07-19 17:23:48,933 INFO L899 garLoopResultBuilder]: For program point L157-1(lines 157 163) no Hoare annotation was computed. [2022-07-19 17:23:48,933 INFO L899 garLoopResultBuilder]: For program point L504(lines 504 508) no Hoare annotation was computed. [2022-07-19 17:23:48,934 INFO L895 garLoopResultBuilder]: At program point L504-2(lines 500 511) the Hoare annotation is: (not (= |old(~pumpRunning~0)| 0)) [2022-07-19 17:23:48,934 INFO L899 garLoopResultBuilder]: For program point L54(line 54) no Hoare annotation was computed. [2022-07-19 17:23:48,934 INFO L899 garLoopResultBuilder]: For program point L608(lines 608 618) no Hoare annotation was computed. [2022-07-19 17:23:48,934 INFO L899 garLoopResultBuilder]: For program point L604(lines 604 621) no Hoare annotation was computed. [2022-07-19 17:23:48,934 INFO L895 garLoopResultBuilder]: At program point L604-1(lines 596 624) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0)) [2022-07-19 17:23:48,938 INFO L895 garLoopResultBuilder]: At program point L55(lines 50 57) the Hoare annotation is: (not (= |old(~pumpRunning~0)| 0)) [2022-07-19 17:23:48,938 INFO L895 garLoopResultBuilder]: At program point L278(lines 273 281) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (and (= ~pumpRunning~0 0) (= |timeShift_isPumpRunning_#res#1| 0))) [2022-07-19 17:23:48,939 INFO L899 garLoopResultBuilder]: For program point L150-1(lines 149 168) no Hoare annotation was computed. [2022-07-19 17:23:48,939 INFO L899 garLoopResultBuilder]: For program point L212(lines 212 220) no Hoare annotation was computed. [2022-07-19 17:23:48,939 INFO L899 garLoopResultBuilder]: For program point L208(lines 208 225) no Hoare annotation was computed. [2022-07-19 17:23:48,939 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 146 169) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0)) [2022-07-19 17:23:48,939 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 146 169) no Hoare annotation was computed. [2022-07-19 17:23:48,940 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 54) no Hoare annotation was computed. [2022-07-19 17:23:48,940 INFO L895 garLoopResultBuilder]: At program point L97(line 97) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) [2022-07-19 17:23:48,940 INFO L899 garLoopResultBuilder]: For program point L448(lines 448 455) no Hoare annotation was computed. [2022-07-19 17:23:48,941 INFO L899 garLoopResultBuilder]: For program point L448-2(lines 448 455) no Hoare annotation was computed. [2022-07-19 17:23:48,941 INFO L895 garLoopResultBuilder]: At program point L477(lines 473 479) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0)) [2022-07-19 17:23:48,941 INFO L895 garLoopResultBuilder]: At program point L349(lines 337 351) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) [2022-07-19 17:23:48,941 INFO L895 garLoopResultBuilder]: At program point L122(lines 75 124) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) [2022-07-19 17:23:48,942 INFO L899 garLoopResultBuilder]: For program point L85(lines 85 91) no Hoare annotation was computed. [2022-07-19 17:23:48,942 INFO L899 garLoopResultBuilder]: For program point L341(lines 341 347) no Hoare annotation was computed. [2022-07-19 17:23:48,942 INFO L899 garLoopResultBuilder]: For program point L85-1(lines 85 91) no Hoare annotation was computed. [2022-07-19 17:23:48,942 INFO L899 garLoopResultBuilder]: For program point L341-1(lines 341 347) no Hoare annotation was computed. [2022-07-19 17:23:48,942 INFO L895 garLoopResultBuilder]: At program point L593(lines 588 595) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0)) [2022-07-19 17:23:48,942 INFO L902 garLoopResultBuilder]: At program point L432(lines 424 434) the Hoare annotation is: true [2022-07-19 17:23:48,943 INFO L899 garLoopResultBuilder]: For program point L77(lines 77 81) no Hoare annotation was computed. [2022-07-19 17:23:48,943 INFO L902 garLoopResultBuilder]: At program point L457(lines 438 460) the Hoare annotation is: true [2022-07-19 17:23:48,943 INFO L895 garLoopResultBuilder]: At program point L420(lines 416 422) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0)) [2022-07-19 17:23:48,943 INFO L899 garLoopResultBuilder]: For program point L-1(line -1) no Hoare annotation was computed. [2022-07-19 17:23:48,943 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startENTRY(line -1) no Hoare annotation was computed. [2022-07-19 17:23:48,943 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startFINAL(line -1) no Hoare annotation was computed. [2022-07-19 17:23:48,943 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-07-19 17:23:48,944 INFO L902 garLoopResultBuilder]: At program point L128(lines 65 132) the Hoare annotation is: true [2022-07-19 17:23:48,944 INFO L899 garLoopResultBuilder]: For program point L95(lines 95 101) no Hoare annotation was computed. [2022-07-19 17:23:48,944 INFO L899 garLoopResultBuilder]: For program point L95-1(lines 95 101) no Hoare annotation was computed. [2022-07-19 17:23:48,944 INFO L895 garLoopResultBuilder]: At program point L87(line 87) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) [2022-07-19 17:23:48,944 INFO L895 garLoopResultBuilder]: At program point L343(line 343) the Hoare annotation is: false [2022-07-19 17:23:48,944 INFO L895 garLoopResultBuilder]: At program point L492(lines 487 495) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0)) [2022-07-19 17:23:48,944 INFO L895 garLoopResultBuilder]: At program point L484(lines 480 486) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0)) [2022-07-19 17:23:48,945 INFO L895 garLoopResultBuilder]: At program point L125(lines 74 126) the Hoare annotation is: false [2022-07-19 17:23:48,945 INFO L899 garLoopResultBuilder]: For program point L113(lines 113 119) no Hoare annotation was computed. [2022-07-19 17:23:48,945 INFO L895 garLoopResultBuilder]: At program point L113-2(lines 105 120) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) [2022-07-19 17:23:48,945 INFO L899 garLoopResultBuilder]: For program point L76(lines 75 124) no Hoare annotation was computed. [2022-07-19 17:23:48,945 INFO L899 garLoopResultBuilder]: For program point L105(lines 105 120) no Hoare annotation was computed. [2022-07-19 17:23:48,946 INFO L895 garLoopResultBuilder]: At program point L357(lines 352 359) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) [2022-07-19 17:23:48,947 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 512 523) no Hoare annotation was computed. [2022-07-19 17:23:48,947 INFO L902 garLoopResultBuilder]: At program point waterRiseENTRY(lines 512 523) the Hoare annotation is: true [2022-07-19 17:23:48,947 INFO L899 garLoopResultBuilder]: For program point L516-1(lines 512 523) no Hoare annotation was computed. [2022-07-19 17:23:48,947 INFO L895 garLoopResultBuilder]: At program point L192(line 192) the Hoare annotation is: (not (= |old(~pumpRunning~0)| 0)) [2022-07-19 17:23:48,948 INFO L895 garLoopResultBuilder]: At program point L188(line 188) the Hoare annotation is: (not (= |old(~pumpRunning~0)| 0)) [2022-07-19 17:23:48,948 INFO L899 garLoopResultBuilder]: For program point L186(lines 186 194) no Hoare annotation was computed. [2022-07-19 17:23:48,948 INFO L899 garLoopResultBuilder]: For program point L182(lines 182 199) no Hoare annotation was computed. [2022-07-19 17:23:48,948 INFO L895 garLoopResultBuilder]: At program point L333(lines 318 336) the Hoare annotation is: (not (= |old(~pumpRunning~0)| 0)) [2022-07-19 17:23:48,948 INFO L899 garLoopResultBuilder]: For program point L327(lines 327 331) no Hoare annotation was computed. [2022-07-19 17:23:48,948 INFO L899 garLoopResultBuilder]: For program point L327-2(lines 327 331) no Hoare annotation was computed. [2022-07-19 17:23:48,949 INFO L895 garLoopResultBuilder]: At program point L197(line 197) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0)) [2022-07-19 17:23:48,949 INFO L899 garLoopResultBuilder]: For program point L197-1(lines 178 202) no Hoare annotation was computed. [2022-07-19 17:23:48,949 INFO L895 garLoopResultBuilder]: At program point processEnvironment__wrappee__methaneQueryENTRY(lines 178 202) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0)) [2022-07-19 17:23:48,949 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__methaneQueryEXIT(lines 178 202) no Hoare annotation was computed. [2022-07-19 17:23:48,949 INFO L895 garLoopResultBuilder]: At program point L582(lines 577 585) the Hoare annotation is: (not (= |old(~pumpRunning~0)| 0)) [2022-07-19 17:23:48,949 INFO L902 garLoopResultBuilder]: At program point isMethaneAlarmENTRY(lines 262 272) the Hoare annotation is: true [2022-07-19 17:23:48,949 INFO L902 garLoopResultBuilder]: At program point L267(line 267) the Hoare annotation is: true [2022-07-19 17:23:48,950 INFO L899 garLoopResultBuilder]: For program point isMethaneAlarmEXIT(lines 262 272) no Hoare annotation was computed. [2022-07-19 17:23:48,950 INFO L899 garLoopResultBuilder]: For program point L267-1(line 267) no Hoare annotation was computed. [2022-07-19 17:23:48,950 INFO L899 garLoopResultBuilder]: For program point isMethaneAlarmFINAL(lines 262 272) no Hoare annotation was computed. [2022-07-19 17:23:48,953 INFO L356 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1] [2022-07-19 17:23:48,956 INFO L176 ceAbstractionStarter]: Computing trace abstraction results [2022-07-19 17:23:48,970 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 19.07 05:23:48 BoogieIcfgContainer [2022-07-19 17:23:48,970 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-07-19 17:23:48,971 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-07-19 17:23:48,971 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-07-19 17:23:48,971 INFO L275 PluginConnector]: Witness Printer initialized [2022-07-19 17:23:48,972 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 19.07 05:23:47" (3/4) ... [2022-07-19 17:23:48,974 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-07-19 17:23:48,978 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2022-07-19 17:23:48,978 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-07-19 17:23:48,978 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-07-19 17:23:48,978 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneLevelCritical [2022-07-19 17:23:48,979 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-07-19 17:23:48,979 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-07-19 17:23:48,979 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-07-19 17:23:48,979 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__methaneQuery [2022-07-19 17:23:48,979 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneAlarm [2022-07-19 17:23:48,989 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 49 nodes and edges [2022-07-19 17:23:48,989 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 22 nodes and edges [2022-07-19 17:23:48,990 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 11 nodes and edges [2022-07-19 17:23:48,990 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-07-19 17:23:48,990 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 2 nodes and edges [2022-07-19 17:23:48,990 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-07-19 17:23:48,991 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-07-19 17:23:49,007 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) [2022-07-19 17:23:49,008 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || pumpRunning == 0 [2022-07-19 17:23:49,009 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || pumpRunning == 0 [2022-07-19 17:23:49,009 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || (pumpRunning == 0 && \result == 0) [2022-07-19 17:23:49,010 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) [2022-07-19 17:23:49,010 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) [2022-07-19 17:23:49,010 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) [2022-07-19 17:23:49,029 INFO L141 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2022-07-19 17:23:49,029 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-07-19 17:23:49,030 INFO L158 Benchmark]: Toolchain (without parser) took 2060.75ms. Allocated memory was 109.1MB in the beginning and 144.7MB in the end (delta: 35.7MB). Free memory was 79.3MB in the beginning and 87.8MB in the end (delta: -8.4MB). Peak memory consumption was 28.2MB. Max. memory is 16.1GB. [2022-07-19 17:23:49,030 INFO L158 Benchmark]: CDTParser took 0.18ms. Allocated memory is still 109.1MB. Free memory is still 65.3MB. There was no memory consumed. Max. memory is 16.1GB. [2022-07-19 17:23:49,030 INFO L158 Benchmark]: CACSL2BoogieTranslator took 389.05ms. Allocated memory was 109.1MB in the beginning and 144.7MB in the end (delta: 35.7MB). Free memory was 79.3MB in the beginning and 110.5MB in the end (delta: -31.1MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. [2022-07-19 17:23:49,030 INFO L158 Benchmark]: Boogie Procedure Inliner took 47.15ms. Allocated memory is still 144.7MB. Free memory was 110.5MB in the beginning and 108.4MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-07-19 17:23:49,031 INFO L158 Benchmark]: Boogie Preprocessor took 39.08ms. Allocated memory is still 144.7MB. Free memory was 107.9MB in the beginning and 106.8MB in the end (delta: 1.2MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-07-19 17:23:49,031 INFO L158 Benchmark]: RCFGBuilder took 416.10ms. Allocated memory is still 144.7MB. Free memory was 106.8MB in the beginning and 90.0MB in the end (delta: 16.8MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2022-07-19 17:23:49,031 INFO L158 Benchmark]: TraceAbstraction took 1103.82ms. Allocated memory is still 144.7MB. Free memory was 89.5MB in the beginning and 94.1MB in the end (delta: -4.6MB). There was no memory consumed. Max. memory is 16.1GB. [2022-07-19 17:23:49,031 INFO L158 Benchmark]: Witness Printer took 58.17ms. Allocated memory is still 144.7MB. Free memory was 94.1MB in the beginning and 87.8MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2022-07-19 17:23:49,032 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.18ms. Allocated memory is still 109.1MB. Free memory is still 65.3MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 389.05ms. Allocated memory was 109.1MB in the beginning and 144.7MB in the end (delta: 35.7MB). Free memory was 79.3MB in the beginning and 110.5MB in the end (delta: -31.1MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 47.15ms. Allocated memory is still 144.7MB. Free memory was 110.5MB in the beginning and 108.4MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 39.08ms. Allocated memory is still 144.7MB. Free memory was 107.9MB in the beginning and 106.8MB in the end (delta: 1.2MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 416.10ms. Allocated memory is still 144.7MB. Free memory was 106.8MB in the beginning and 90.0MB in the end (delta: 16.8MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * TraceAbstraction took 1103.82ms. Allocated memory is still 144.7MB. Free memory was 89.5MB in the beginning and 94.1MB in the end (delta: -4.6MB). There was no memory consumed. Max. memory is 16.1GB. * Witness Printer took 58.17ms. Allocated memory is still 144.7MB. Free memory was 94.1MB in the beginning and 87.8MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 54]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 10 procedures, 98 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 1.0s, OverallIterations: 4, TraceHistogramMax: 1, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 0.2s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.2s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 143 SdHoareTripleChecker+Valid, 0.0s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 139 mSDsluCounter, 688 SdHoareTripleChecker+Invalid, 0.0s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 279 mSDsCounter, 6 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 22 IncrementalHoareTripleChecker+Invalid, 28 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 6 mSolverCounterUnsat, 409 mSDtfsCounter, 22 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 22 GetRequests, 15 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=147occurred in iteration=3, InterpolantAutomatonStates: 13, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.1s AutomataMinimizationTime, 4 MinimizatonAttempts, 3 StatesRemovedByMinimization, 1 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 45 LocationsWithAnnotation, 268 PreInvPairs, 294 NumberOfFragments, 201 HoareAnnotationTreeSize, 268 FomulaSimplifications, 11 FormulaSimplificationTreeSizeReduction, 0.0s HoareSimplificationTime, 45 FomulaSimplificationsInter, 346 FormulaSimplificationTreeSizeReductionInter, 0.2s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.1s SatisfiabilityAnalysisTime, 0.2s InterpolantComputationTime, 116 NumberOfCodeBlocks, 116 NumberOfCodeBlocksAsserted, 4 NumberOfCheckSat, 112 ConstructedInterpolants, 0 QuantifiedInterpolants, 210 SizeOfPredicates, 0 NumberOfNonLiveVariables, 0 ConjunctsInSsa, 0 ConjunctsInUnsatCore, 4 InterpolantComputations, 4 PerfectInterpolantSequences, 0/0 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 337]: Loop Invariant Derived loop invariant: pumpRunning == 0 && splverifierCounter == 0 - InvariantResult [Line: 577]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) - InvariantResult [Line: 74]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 318]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) - InvariantResult [Line: 424]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 416]: Loop Invariant Derived loop invariant: pumpRunning == 0 && 1 == systemActive - InvariantResult [Line: 65]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 480]: Loop Invariant Derived loop invariant: pumpRunning == 0 && 1 == systemActive - InvariantResult [Line: 352]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && splverifierCounter == 0 - InvariantResult [Line: 204]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || pumpRunning == 0 - InvariantResult [Line: 588]: Loop Invariant Derived loop invariant: pumpRunning == 0 && 1 == systemActive - InvariantResult [Line: 362]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 500]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) - InvariantResult [Line: 473]: Loop Invariant Derived loop invariant: pumpRunning == 0 && 1 == systemActive - InvariantResult [Line: 50]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) - InvariantResult [Line: 273]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || (pumpRunning == 0 && \result == 0) - InvariantResult [Line: 596]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || pumpRunning == 0 - InvariantResult [Line: 75]: Loop Invariant Derived loop invariant: pumpRunning == 0 && splverifierCounter == 0 - InvariantResult [Line: 487]: Loop Invariant Derived loop invariant: pumpRunning == 0 && 1 == systemActive - InvariantResult [Line: 438]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 372]: Loop Invariant Derived loop invariant: 1 RESULT: Ultimate proved your program to be correct! [2022-07-19 17:23:49,093 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE