./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec4_product20.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version eb692b52 Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec4_product20.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 5bb0c67d0f3b897df6aba0c402ea453b42e61f1d6e102d991db16c73430a771e --- Real Ultimate output --- This is Ultimate 0.2.2-?-eb692b5 [2022-07-19 17:25:04,158 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-07-19 17:25:04,159 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-07-19 17:25:04,201 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-07-19 17:25:04,201 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-07-19 17:25:04,203 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-07-19 17:25:04,204 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-07-19 17:25:04,206 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-07-19 17:25:04,207 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-07-19 17:25:04,210 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-07-19 17:25:04,211 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-07-19 17:25:04,213 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-07-19 17:25:04,213 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-07-19 17:25:04,214 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-07-19 17:25:04,216 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-07-19 17:25:04,218 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-07-19 17:25:04,219 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-07-19 17:25:04,220 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-07-19 17:25:04,221 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-07-19 17:25:04,224 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-07-19 17:25:04,225 INFO L181 SettingsManager]: Resetting HornVerifier preferences to default values [2022-07-19 17:25:04,226 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-07-19 17:25:04,227 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-07-19 17:25:04,228 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-07-19 17:25:04,229 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-07-19 17:25:04,234 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-07-19 17:25:04,235 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-07-19 17:25:04,235 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-07-19 17:25:04,236 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-07-19 17:25:04,237 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-07-19 17:25:04,237 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-07-19 17:25:04,238 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-07-19 17:25:04,239 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-07-19 17:25:04,239 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-07-19 17:25:04,240 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-07-19 17:25:04,240 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-07-19 17:25:04,240 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-07-19 17:25:04,241 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-07-19 17:25:04,241 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-07-19 17:25:04,241 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-07-19 17:25:04,242 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-07-19 17:25:04,244 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-07-19 17:25:04,245 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2022-07-19 17:25:04,265 INFO L113 SettingsManager]: Loading preferences was successful [2022-07-19 17:25:04,269 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-07-19 17:25:04,270 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-07-19 17:25:04,270 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-07-19 17:25:04,270 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-07-19 17:25:04,271 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-07-19 17:25:04,271 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-07-19 17:25:04,271 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-07-19 17:25:04,271 INFO L138 SettingsManager]: * Use SBE=true [2022-07-19 17:25:04,272 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-07-19 17:25:04,272 INFO L138 SettingsManager]: * sizeof long=4 [2022-07-19 17:25:04,272 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-07-19 17:25:04,273 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-07-19 17:25:04,273 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-07-19 17:25:04,273 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-07-19 17:25:04,273 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-07-19 17:25:04,273 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-07-19 17:25:04,273 INFO L138 SettingsManager]: * sizeof long double=12 [2022-07-19 17:25:04,273 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-07-19 17:25:04,274 INFO L138 SettingsManager]: * Use constant arrays=true [2022-07-19 17:25:04,274 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-07-19 17:25:04,274 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-07-19 17:25:04,274 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-07-19 17:25:04,274 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-07-19 17:25:04,275 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-07-19 17:25:04,275 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-07-19 17:25:04,275 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-07-19 17:25:04,275 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-07-19 17:25:04,275 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-07-19 17:25:04,275 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-07-19 17:25:04,276 INFO L138 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2022-07-19 17:25:04,276 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-07-19 17:25:04,276 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-07-19 17:25:04,276 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 5bb0c67d0f3b897df6aba0c402ea453b42e61f1d6e102d991db16c73430a771e [2022-07-19 17:25:04,474 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-07-19 17:25:04,498 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-07-19 17:25:04,500 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-07-19 17:25:04,501 INFO L271 PluginConnector]: Initializing CDTParser... [2022-07-19 17:25:04,501 INFO L275 PluginConnector]: CDTParser initialized [2022-07-19 17:25:04,502 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec4_product20.cil.c [2022-07-19 17:25:04,555 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/99864971c/742a548e5fd94c7885e70c3f4734838d/FLAG767bf5018 [2022-07-19 17:25:04,993 INFO L306 CDTParser]: Found 1 translation units. [2022-07-19 17:25:04,996 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_product20.cil.c [2022-07-19 17:25:05,007 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/99864971c/742a548e5fd94c7885e70c3f4734838d/FLAG767bf5018 [2022-07-19 17:25:05,354 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/99864971c/742a548e5fd94c7885e70c3f4734838d [2022-07-19 17:25:05,357 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-07-19 17:25:05,358 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-07-19 17:25:05,360 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-07-19 17:25:05,360 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-07-19 17:25:05,362 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-07-19 17:25:05,363 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 19.07 05:25:05" (1/1) ... [2022-07-19 17:25:05,364 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@39c388ee and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:25:05, skipping insertion in model container [2022-07-19 17:25:05,364 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 19.07 05:25:05" (1/1) ... [2022-07-19 17:25:05,370 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-07-19 17:25:05,413 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-07-19 17:25:05,676 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_product20.cil.c[14361,14374] [2022-07-19 17:25:05,706 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-07-19 17:25:05,716 INFO L203 MainTranslator]: Completed pre-run [2022-07-19 17:25:05,750 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_product20.cil.c[14361,14374] [2022-07-19 17:25:05,756 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-07-19 17:25:05,771 INFO L208 MainTranslator]: Completed translation [2022-07-19 17:25:05,772 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:25:05 WrapperNode [2022-07-19 17:25:05,772 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-07-19 17:25:05,773 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-07-19 17:25:05,773 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-07-19 17:25:05,773 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-07-19 17:25:05,778 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:25:05" (1/1) ... [2022-07-19 17:25:05,792 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:25:05" (1/1) ... [2022-07-19 17:25:05,810 INFO L137 Inliner]: procedures = 54, calls = 152, calls flagged for inlining = 22, calls inlined = 18, statements flattened = 225 [2022-07-19 17:25:05,811 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-07-19 17:25:05,811 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-07-19 17:25:05,811 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-07-19 17:25:05,812 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-07-19 17:25:05,817 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:25:05" (1/1) ... [2022-07-19 17:25:05,817 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:25:05" (1/1) ... [2022-07-19 17:25:05,819 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:25:05" (1/1) ... [2022-07-19 17:25:05,819 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:25:05" (1/1) ... [2022-07-19 17:25:05,823 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:25:05" (1/1) ... [2022-07-19 17:25:05,827 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:25:05" (1/1) ... [2022-07-19 17:25:05,828 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:25:05" (1/1) ... [2022-07-19 17:25:05,829 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-07-19 17:25:05,830 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-07-19 17:25:05,830 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-07-19 17:25:05,830 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-07-19 17:25:05,831 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:25:05" (1/1) ... [2022-07-19 17:25:05,836 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-07-19 17:25:05,843 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-07-19 17:25:05,860 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-07-19 17:25:05,865 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-07-19 17:25:05,889 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-07-19 17:25:05,889 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-07-19 17:25:05,890 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-07-19 17:25:05,890 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-07-19 17:25:05,890 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-07-19 17:25:05,890 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-07-19 17:25:05,891 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-07-19 17:25:05,891 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-07-19 17:25:05,891 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-07-19 17:25:05,891 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2022-07-19 17:25:05,891 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2022-07-19 17:25:05,892 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-07-19 17:25:05,892 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-07-19 17:25:05,892 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-07-19 17:25:05,892 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-07-19 17:25:05,892 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-07-19 17:25:05,957 INFO L234 CfgBuilder]: Building ICFG [2022-07-19 17:25:05,958 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-07-19 17:25:06,241 INFO L275 CfgBuilder]: Performing block encoding [2022-07-19 17:25:06,246 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-07-19 17:25:06,250 INFO L299 CfgBuilder]: Removed 2 assume(true) statements. [2022-07-19 17:25:06,252 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 19.07 05:25:06 BoogieIcfgContainer [2022-07-19 17:25:06,252 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-07-19 17:25:06,254 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-07-19 17:25:06,254 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-07-19 17:25:06,257 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-07-19 17:25:06,258 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 19.07 05:25:05" (1/3) ... [2022-07-19 17:25:06,258 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@dd8212a and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 19.07 05:25:06, skipping insertion in model container [2022-07-19 17:25:06,259 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:25:05" (2/3) ... [2022-07-19 17:25:06,259 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@dd8212a and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 19.07 05:25:06, skipping insertion in model container [2022-07-19 17:25:06,259 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 19.07 05:25:06" (3/3) ... [2022-07-19 17:25:06,260 INFO L111 eAbstractionObserver]: Analyzing ICFG minepump_spec4_product20.cil.c [2022-07-19 17:25:06,287 INFO L201 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-07-19 17:25:06,288 INFO L160 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-07-19 17:25:06,343 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-07-19 17:25:06,348 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=de.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings@5b65630e, mLbeIndependenceSettings=de.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings@69de2d5d [2022-07-19 17:25:06,349 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-07-19 17:25:06,352 INFO L276 IsEmpty]: Start isEmpty. Operand has 77 states, 59 states have (on average 1.3898305084745763) internal successors, (82), 66 states have internal predecessors, (82), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 8 states have call predecessors, (10), 10 states have call successors, (10) [2022-07-19 17:25:06,358 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 20 [2022-07-19 17:25:06,358 INFO L187 NwaCegarLoop]: Found error trace [2022-07-19 17:25:06,359 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-19 17:25:06,360 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-19 17:25:06,364 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-19 17:25:06,365 INFO L85 PathProgramCache]: Analyzing trace with hash -1506660750, now seen corresponding path program 1 times [2022-07-19 17:25:06,371 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-19 17:25:06,371 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1966025239] [2022-07-19 17:25:06,371 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-19 17:25:06,372 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-19 17:25:06,448 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:06,485 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-19 17:25:06,486 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-19 17:25:06,486 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1966025239] [2022-07-19 17:25:06,487 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1966025239] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-19 17:25:06,487 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-19 17:25:06,487 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-07-19 17:25:06,488 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1897977772] [2022-07-19 17:25:06,488 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-19 17:25:06,492 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-07-19 17:25:06,492 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-19 17:25:06,510 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-07-19 17:25:06,510 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-07-19 17:25:06,513 INFO L87 Difference]: Start difference. First operand has 77 states, 59 states have (on average 1.3898305084745763) internal successors, (82), 66 states have internal predecessors, (82), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 8 states have call predecessors, (10), 10 states have call successors, (10) Second operand has 2 states, 2 states have (on average 8.5) internal successors, (17), 2 states have internal predecessors, (17), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-19 17:25:06,543 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-19 17:25:06,544 INFO L93 Difference]: Finished difference Result 146 states and 199 transitions. [2022-07-19 17:25:06,546 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-07-19 17:25:06,547 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 8.5) internal successors, (17), 2 states have internal predecessors, (17), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 19 [2022-07-19 17:25:06,547 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-19 17:25:06,554 INFO L225 Difference]: With dead ends: 146 [2022-07-19 17:25:06,557 INFO L226 Difference]: Without dead ends: 68 [2022-07-19 17:25:06,560 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-07-19 17:25:06,565 INFO L413 NwaCegarLoop]: 96 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 96 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-19 17:25:06,566 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 96 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-19 17:25:06,576 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 68 states. [2022-07-19 17:25:06,602 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 68 to 68. [2022-07-19 17:25:06,603 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 68 states, 52 states have (on average 1.3076923076923077) internal successors, (68), 58 states have internal predecessors, (68), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2022-07-19 17:25:06,606 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 68 states to 68 states and 87 transitions. [2022-07-19 17:25:06,607 INFO L78 Accepts]: Start accepts. Automaton has 68 states and 87 transitions. Word has length 19 [2022-07-19 17:25:06,607 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-19 17:25:06,608 INFO L495 AbstractCegarLoop]: Abstraction has 68 states and 87 transitions. [2022-07-19 17:25:06,608 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 8.5) internal successors, (17), 2 states have internal predecessors, (17), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-19 17:25:06,608 INFO L276 IsEmpty]: Start isEmpty. Operand 68 states and 87 transitions. [2022-07-19 17:25:06,609 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 21 [2022-07-19 17:25:06,609 INFO L187 NwaCegarLoop]: Found error trace [2022-07-19 17:25:06,610 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-19 17:25:06,610 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-07-19 17:25:06,610 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-19 17:25:06,610 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-19 17:25:06,611 INFO L85 PathProgramCache]: Analyzing trace with hash 1702349577, now seen corresponding path program 1 times [2022-07-19 17:25:06,611 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-19 17:25:06,611 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1339276756] [2022-07-19 17:25:06,611 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-19 17:25:06,611 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-19 17:25:06,648 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:06,694 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-19 17:25:06,694 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-19 17:25:06,694 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1339276756] [2022-07-19 17:25:06,695 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1339276756] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-19 17:25:06,695 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-19 17:25:06,695 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-07-19 17:25:06,696 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [370834305] [2022-07-19 17:25:06,696 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-19 17:25:06,697 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-07-19 17:25:06,698 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-19 17:25:06,699 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-07-19 17:25:06,699 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-19 17:25:06,700 INFO L87 Difference]: Start difference. First operand 68 states and 87 transitions. Second operand has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-19 17:25:06,725 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-19 17:25:06,725 INFO L93 Difference]: Finished difference Result 97 states and 123 transitions. [2022-07-19 17:25:06,726 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-07-19 17:25:06,726 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 20 [2022-07-19 17:25:06,726 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-19 17:25:06,729 INFO L225 Difference]: With dead ends: 97 [2022-07-19 17:25:06,729 INFO L226 Difference]: Without dead ends: 59 [2022-07-19 17:25:06,732 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-19 17:25:06,734 INFO L413 NwaCegarLoop]: 74 mSDtfsCounter, 17 mSDsluCounter, 52 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 21 SdHoareTripleChecker+Valid, 126 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-19 17:25:06,734 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [21 Valid, 126 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-19 17:25:06,736 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 59 states. [2022-07-19 17:25:06,741 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 59 to 59. [2022-07-19 17:25:06,742 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 59 states, 46 states have (on average 1.326086956521739) internal successors, (61), 52 states have internal predecessors, (61), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 5 states have call predecessors, (7), 7 states have call successors, (7) [2022-07-19 17:25:06,744 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 59 states to 59 states and 75 transitions. [2022-07-19 17:25:06,744 INFO L78 Accepts]: Start accepts. Automaton has 59 states and 75 transitions. Word has length 20 [2022-07-19 17:25:06,745 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-19 17:25:06,746 INFO L495 AbstractCegarLoop]: Abstraction has 59 states and 75 transitions. [2022-07-19 17:25:06,746 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-19 17:25:06,746 INFO L276 IsEmpty]: Start isEmpty. Operand 59 states and 75 transitions. [2022-07-19 17:25:06,749 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2022-07-19 17:25:06,750 INFO L187 NwaCegarLoop]: Found error trace [2022-07-19 17:25:06,750 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-19 17:25:06,750 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-07-19 17:25:06,750 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-19 17:25:06,754 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-19 17:25:06,757 INFO L85 PathProgramCache]: Analyzing trace with hash -992613126, now seen corresponding path program 1 times [2022-07-19 17:25:06,757 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-19 17:25:06,757 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [109675596] [2022-07-19 17:25:06,757 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-19 17:25:06,758 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-19 17:25:06,790 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:06,840 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-19 17:25:06,841 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-19 17:25:06,841 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [109675596] [2022-07-19 17:25:06,841 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [109675596] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-19 17:25:06,841 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-19 17:25:06,841 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-07-19 17:25:06,842 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1806827973] [2022-07-19 17:25:06,842 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-19 17:25:06,842 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-07-19 17:25:06,842 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-19 17:25:06,843 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-07-19 17:25:06,843 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2022-07-19 17:25:06,843 INFO L87 Difference]: Start difference. First operand 59 states and 75 transitions. Second operand has 6 states, 6 states have (on average 4.0) internal successors, (24), 5 states have internal predecessors, (24), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-19 17:25:06,964 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-19 17:25:06,964 INFO L93 Difference]: Finished difference Result 215 states and 287 transitions. [2022-07-19 17:25:06,965 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-07-19 17:25:06,965 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.0) internal successors, (24), 5 states have internal predecessors, (24), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 25 [2022-07-19 17:25:06,965 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-19 17:25:06,967 INFO L225 Difference]: With dead ends: 215 [2022-07-19 17:25:06,967 INFO L226 Difference]: Without dead ends: 163 [2022-07-19 17:25:06,968 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 1 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=22, Invalid=34, Unknown=0, NotChecked=0, Total=56 [2022-07-19 17:25:06,969 INFO L413 NwaCegarLoop]: 94 mSDtfsCounter, 176 mSDsluCounter, 326 mSDsCounter, 0 mSdLazyCounter, 87 mSolverCounterSat, 18 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 176 SdHoareTripleChecker+Valid, 420 SdHoareTripleChecker+Invalid, 105 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 18 IncrementalHoareTripleChecker+Valid, 87 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-07-19 17:25:06,969 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [176 Valid, 420 Invalid, 105 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [18 Valid, 87 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-07-19 17:25:06,970 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 163 states. [2022-07-19 17:25:06,983 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 163 to 141. [2022-07-19 17:25:06,983 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 141 states, 108 states have (on average 1.3703703703703705) internal successors, (148), 122 states have internal predecessors, (148), 18 states have call successors, (18), 14 states have call predecessors, (18), 14 states have return successors, (19), 12 states have call predecessors, (19), 18 states have call successors, (19) [2022-07-19 17:25:06,984 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 141 states to 141 states and 185 transitions. [2022-07-19 17:25:06,985 INFO L78 Accepts]: Start accepts. Automaton has 141 states and 185 transitions. Word has length 25 [2022-07-19 17:25:06,985 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-19 17:25:06,985 INFO L495 AbstractCegarLoop]: Abstraction has 141 states and 185 transitions. [2022-07-19 17:25:06,985 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 4.0) internal successors, (24), 5 states have internal predecessors, (24), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-19 17:25:06,985 INFO L276 IsEmpty]: Start isEmpty. Operand 141 states and 185 transitions. [2022-07-19 17:25:06,986 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 29 [2022-07-19 17:25:06,986 INFO L187 NwaCegarLoop]: Found error trace [2022-07-19 17:25:06,986 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-19 17:25:06,987 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-07-19 17:25:06,987 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-19 17:25:06,987 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-19 17:25:06,987 INFO L85 PathProgramCache]: Analyzing trace with hash -2068590127, now seen corresponding path program 1 times [2022-07-19 17:25:06,988 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-19 17:25:06,988 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [699040699] [2022-07-19 17:25:06,988 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-19 17:25:06,988 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-19 17:25:07,000 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:07,054 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-19 17:25:07,054 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-19 17:25:07,055 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [699040699] [2022-07-19 17:25:07,055 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [699040699] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-19 17:25:07,055 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-19 17:25:07,055 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2022-07-19 17:25:07,055 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2115776658] [2022-07-19 17:25:07,056 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-19 17:25:07,056 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-07-19 17:25:07,056 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-19 17:25:07,057 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-07-19 17:25:07,057 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=14, Invalid=42, Unknown=0, NotChecked=0, Total=56 [2022-07-19 17:25:07,057 INFO L87 Difference]: Start difference. First operand 141 states and 185 transitions. Second operand has 8 states, 8 states have (on average 3.375) internal successors, (27), 7 states have internal predecessors, (27), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-19 17:25:07,183 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-19 17:25:07,183 INFO L93 Difference]: Finished difference Result 527 states and 736 transitions. [2022-07-19 17:25:07,184 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2022-07-19 17:25:07,184 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 3.375) internal successors, (27), 7 states have internal predecessors, (27), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 28 [2022-07-19 17:25:07,184 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-19 17:25:07,187 INFO L225 Difference]: With dead ends: 527 [2022-07-19 17:25:07,187 INFO L226 Difference]: Without dead ends: 393 [2022-07-19 17:25:07,188 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 14 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 15 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=51, Invalid=131, Unknown=0, NotChecked=0, Total=182 [2022-07-19 17:25:07,189 INFO L413 NwaCegarLoop]: 80 mSDtfsCounter, 188 mSDsluCounter, 388 mSDsCounter, 0 mSdLazyCounter, 126 mSolverCounterSat, 30 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 188 SdHoareTripleChecker+Valid, 468 SdHoareTripleChecker+Invalid, 156 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 30 IncrementalHoareTripleChecker+Valid, 126 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-07-19 17:25:07,189 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [188 Valid, 468 Invalid, 156 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [30 Valid, 126 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-07-19 17:25:07,190 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 393 states. [2022-07-19 17:25:07,212 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 393 to 378. [2022-07-19 17:25:07,213 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 378 states, 287 states have (on average 1.3449477351916377) internal successors, (386), 324 states have internal predecessors, (386), 51 states have call successors, (51), 39 states have call predecessors, (51), 39 states have return successors, (65), 33 states have call predecessors, (65), 51 states have call successors, (65) [2022-07-19 17:25:07,215 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 378 states to 378 states and 502 transitions. [2022-07-19 17:25:07,216 INFO L78 Accepts]: Start accepts. Automaton has 378 states and 502 transitions. Word has length 28 [2022-07-19 17:25:07,216 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-19 17:25:07,216 INFO L495 AbstractCegarLoop]: Abstraction has 378 states and 502 transitions. [2022-07-19 17:25:07,216 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 3.375) internal successors, (27), 7 states have internal predecessors, (27), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-19 17:25:07,216 INFO L276 IsEmpty]: Start isEmpty. Operand 378 states and 502 transitions. [2022-07-19 17:25:07,218 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2022-07-19 17:25:07,218 INFO L187 NwaCegarLoop]: Found error trace [2022-07-19 17:25:07,218 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-19 17:25:07,218 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-07-19 17:25:07,218 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-19 17:25:07,219 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-19 17:25:07,219 INFO L85 PathProgramCache]: Analyzing trace with hash -1789142954, now seen corresponding path program 1 times [2022-07-19 17:25:07,219 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-19 17:25:07,219 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1098646466] [2022-07-19 17:25:07,219 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-19 17:25:07,220 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-19 17:25:07,231 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:07,246 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-19 17:25:07,247 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-19 17:25:07,247 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1098646466] [2022-07-19 17:25:07,247 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1098646466] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-19 17:25:07,247 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-19 17:25:07,247 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-07-19 17:25:07,248 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1413526595] [2022-07-19 17:25:07,248 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-19 17:25:07,248 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-07-19 17:25:07,248 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-19 17:25:07,249 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-07-19 17:25:07,249 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-19 17:25:07,249 INFO L87 Difference]: Start difference. First operand 378 states and 502 transitions. Second operand has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 2 states have internal predecessors, (29), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-19 17:25:07,263 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-19 17:25:07,263 INFO L93 Difference]: Finished difference Result 656 states and 885 transitions. [2022-07-19 17:25:07,263 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-07-19 17:25:07,264 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 2 states have internal predecessors, (29), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 30 [2022-07-19 17:25:07,264 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-19 17:25:07,265 INFO L225 Difference]: With dead ends: 656 [2022-07-19 17:25:07,265 INFO L226 Difference]: Without dead ends: 285 [2022-07-19 17:25:07,267 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-19 17:25:07,267 INFO L413 NwaCegarLoop]: 50 mSDtfsCounter, 34 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 34 SdHoareTripleChecker+Valid, 50 SdHoareTripleChecker+Invalid, 6 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-19 17:25:07,268 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [34 Valid, 50 Invalid, 6 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-19 17:25:07,268 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 285 states. [2022-07-19 17:25:07,279 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 285 to 279. [2022-07-19 17:25:07,280 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 279 states, 218 states have (on average 1.261467889908257) internal successors, (275), 234 states have internal predecessors, (275), 30 states have call successors, (30), 30 states have call predecessors, (30), 30 states have return successors, (36), 30 states have call predecessors, (36), 30 states have call successors, (36) [2022-07-19 17:25:07,281 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 279 states to 279 states and 341 transitions. [2022-07-19 17:25:07,281 INFO L78 Accepts]: Start accepts. Automaton has 279 states and 341 transitions. Word has length 30 [2022-07-19 17:25:07,281 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-19 17:25:07,281 INFO L495 AbstractCegarLoop]: Abstraction has 279 states and 341 transitions. [2022-07-19 17:25:07,282 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 2 states have internal predecessors, (29), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-19 17:25:07,282 INFO L276 IsEmpty]: Start isEmpty. Operand 279 states and 341 transitions. [2022-07-19 17:25:07,283 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 55 [2022-07-19 17:25:07,283 INFO L187 NwaCegarLoop]: Found error trace [2022-07-19 17:25:07,284 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-19 17:25:07,284 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-07-19 17:25:07,284 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-19 17:25:07,284 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-19 17:25:07,285 INFO L85 PathProgramCache]: Analyzing trace with hash 1403719521, now seen corresponding path program 1 times [2022-07-19 17:25:07,285 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-19 17:25:07,285 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [35569546] [2022-07-19 17:25:07,285 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-19 17:25:07,285 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-19 17:25:07,299 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:07,332 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2022-07-19 17:25:07,334 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:07,341 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2022-07-19 17:25:07,343 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:07,347 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 36 [2022-07-19 17:25:07,349 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:07,351 INFO L134 CoverageAnalysis]: Checked inductivity of 19 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 18 trivial. 0 not checked. [2022-07-19 17:25:07,351 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-19 17:25:07,351 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [35569546] [2022-07-19 17:25:07,351 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [35569546] provided 0 perfect and 1 imperfect interpolant sequences [2022-07-19 17:25:07,352 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1940885168] [2022-07-19 17:25:07,352 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-19 17:25:07,352 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-07-19 17:25:07,352 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-07-19 17:25:07,384 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-07-19 17:25:07,424 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-07-19 17:25:07,466 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:07,475 INFO L263 TraceCheckSpWp]: Trace formula consists of 370 conjuncts, 9 conjunts are in the unsatisfiable core [2022-07-19 17:25:07,480 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-07-19 17:25:07,646 INFO L134 CoverageAnalysis]: Checked inductivity of 19 backedges. 16 proven. 2 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-07-19 17:25:07,647 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-07-19 17:25:07,846 INFO L134 CoverageAnalysis]: Checked inductivity of 19 backedges. 16 proven. 3 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-19 17:25:07,846 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1940885168] provided 0 perfect and 2 imperfect interpolant sequences [2022-07-19 17:25:07,846 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-07-19 17:25:07,846 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [7, 6, 7] total 15 [2022-07-19 17:25:07,846 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1731002431] [2022-07-19 17:25:07,847 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-07-19 17:25:07,847 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2022-07-19 17:25:07,847 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-19 17:25:07,848 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2022-07-19 17:25:07,848 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=48, Invalid=162, Unknown=0, NotChecked=0, Total=210 [2022-07-19 17:25:07,848 INFO L87 Difference]: Start difference. First operand 279 states and 341 transitions. Second operand has 15 states, 15 states have (on average 6.0) internal successors, (90), 12 states have internal predecessors, (90), 4 states have call successors, (10), 7 states have call predecessors, (10), 7 states have return successors, (7), 3 states have call predecessors, (7), 3 states have call successors, (7) [2022-07-19 17:25:08,048 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-19 17:25:08,048 INFO L93 Difference]: Finished difference Result 377 states and 459 transitions. [2022-07-19 17:25:08,049 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-07-19 17:25:08,049 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 15 states have (on average 6.0) internal successors, (90), 12 states have internal predecessors, (90), 4 states have call successors, (10), 7 states have call predecessors, (10), 7 states have return successors, (7), 3 states have call predecessors, (7), 3 states have call successors, (7) Word has length 54 [2022-07-19 17:25:08,049 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-19 17:25:08,050 INFO L225 Difference]: With dead ends: 377 [2022-07-19 17:25:08,050 INFO L226 Difference]: Without dead ends: 0 [2022-07-19 17:25:08,050 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 124 GetRequests, 105 SyntacticMatches, 1 SemanticMatches, 18 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 45 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=99, Invalid=281, Unknown=0, NotChecked=0, Total=380 [2022-07-19 17:25:08,055 INFO L413 NwaCegarLoop]: 71 mSDtfsCounter, 130 mSDsluCounter, 348 mSDsCounter, 0 mSdLazyCounter, 187 mSolverCounterSat, 49 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 130 SdHoareTripleChecker+Valid, 419 SdHoareTripleChecker+Invalid, 236 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 49 IncrementalHoareTripleChecker+Valid, 187 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-07-19 17:25:08,055 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [130 Valid, 419 Invalid, 236 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [49 Valid, 187 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-07-19 17:25:08,056 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-07-19 17:25:08,056 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-07-19 17:25:08,056 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-19 17:25:08,057 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-07-19 17:25:08,057 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 54 [2022-07-19 17:25:08,058 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-19 17:25:08,058 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-07-19 17:25:08,058 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 15 states have (on average 6.0) internal successors, (90), 12 states have internal predecessors, (90), 4 states have call successors, (10), 7 states have call predecessors, (10), 7 states have return successors, (7), 3 states have call predecessors, (7), 3 states have call successors, (7) [2022-07-19 17:25:08,058 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-07-19 17:25:08,058 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-07-19 17:25:08,060 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-07-19 17:25:08,088 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-07-19 17:25:08,277 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable5 [2022-07-19 17:25:08,280 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-07-19 17:25:09,001 INFO L902 garLoopResultBuilder]: At program point deactivatePumpENTRY(lines 757 764) the Hoare annotation is: true [2022-07-19 17:25:09,001 INFO L899 garLoopResultBuilder]: For program point deactivatePumpEXIT(lines 757 764) no Hoare annotation was computed. [2022-07-19 17:25:09,002 INFO L899 garLoopResultBuilder]: For program point deactivatePumpFINAL(lines 757 764) no Hoare annotation was computed. [2022-07-19 17:25:09,002 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 716 722) no Hoare annotation was computed. [2022-07-19 17:25:09,002 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 716 722) the Hoare annotation is: true [2022-07-19 17:25:09,002 INFO L899 garLoopResultBuilder]: For program point L125-1(lines 121 132) no Hoare annotation was computed. [2022-07-19 17:25:09,002 INFO L902 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 121 132) the Hoare annotation is: true [2022-07-19 17:25:09,002 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 121 132) no Hoare annotation was computed. [2022-07-19 17:25:09,002 INFO L899 garLoopResultBuilder]: For program point L671(lines 671 677) no Hoare annotation was computed. [2022-07-19 17:25:09,002 INFO L899 garLoopResultBuilder]: For program point L667(lines 667 680) no Hoare annotation was computed. [2022-07-19 17:25:09,002 INFO L895 garLoopResultBuilder]: At program point L667-1(lines 659 683) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (not (= |timeShift___utac_acc__Specification4_spec__1_~tmp~4#1| 0))) (.cse3 (not (= |timeShift_getWaterLevel_#res#1| 0)))) (and (or .cse0 (not (= |old(~waterLevel~0)| 1)) (and .cse1 .cse2 .cse3 (= ~waterLevel~0 1))) (or .cse0 (and .cse1 .cse2 .cse3 (= |old(~waterLevel~0)| ~waterLevel~0)) (not (<= 2 |old(~waterLevel~0)|))))) [2022-07-19 17:25:09,002 INFO L899 garLoopResultBuilder]: For program point L696-1(lines 695 714) no Hoare annotation was computed. [2022-07-19 17:25:09,002 INFO L899 garLoopResultBuilder]: For program point timeShiftFINAL(lines 692 715) no Hoare annotation was computed. [2022-07-19 17:25:09,002 INFO L895 garLoopResultBuilder]: At program point L738(line 738) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|))) [2022-07-19 17:25:09,002 INFO L895 garLoopResultBuilder]: At program point L734(line 734) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|))) [2022-07-19 17:25:09,003 INFO L895 garLoopResultBuilder]: At program point L743(line 743) the Hoare annotation is: (let ((.cse2 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (not (= 0 ~systemActive~0)))) (and (or (and .cse0 (= ~waterLevel~0 1) .cse1) .cse2 (not (= |old(~waterLevel~0)| 1))) (or .cse2 (and .cse0 (= |old(~waterLevel~0)| ~waterLevel~0) .cse1) (not (<= 2 |old(~waterLevel~0)|))))) [2022-07-19 17:25:09,003 INFO L895 garLoopResultBuilder]: At program point L743-1(lines 724 748) the Hoare annotation is: (let ((.cse2 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (not (= 0 ~systemActive~0)))) (and (or (and .cse0 (= ~waterLevel~0 1) .cse1) .cse2 (not (= |old(~waterLevel~0)| 1))) (or .cse2 (and .cse0 (= |old(~waterLevel~0)| ~waterLevel~0) .cse1) (not (<= 2 |old(~waterLevel~0)|))))) [2022-07-19 17:25:09,003 INFO L899 garLoopResultBuilder]: For program point L830(lines 830 834) no Hoare annotation was computed. [2022-07-19 17:25:09,003 INFO L899 garLoopResultBuilder]: For program point L830-2(lines 830 834) no Hoare annotation was computed. [2022-07-19 17:25:09,003 INFO L895 garLoopResultBuilder]: At program point L781(lines 776 784) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|))) [2022-07-19 17:25:09,003 INFO L899 garLoopResultBuilder]: For program point L653(line 653) no Hoare annotation was computed. [2022-07-19 17:25:09,003 INFO L895 garLoopResultBuilder]: At program point L170(lines 165 173) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (not (= |timeShift_getWaterLevel_#res#1| 0)))) (and (or .cse0 (and .cse1 .cse2 (= |old(~waterLevel~0)| ~waterLevel~0)) (not (<= 2 |old(~waterLevel~0)|))) (or .cse0 (not (= |old(~waterLevel~0)| 1)) (and .cse1 .cse2 (= ~waterLevel~0 1))))) [2022-07-19 17:25:09,003 INFO L899 garLoopResultBuilder]: For program point L703-1(lines 703 709) no Hoare annotation was computed. [2022-07-19 17:25:09,003 INFO L899 garLoopResultBuilder]: For program point L732(lines 732 740) no Hoare annotation was computed. [2022-07-19 17:25:09,004 INFO L899 garLoopResultBuilder]: For program point L728(lines 728 745) no Hoare annotation was computed. [2022-07-19 17:25:09,004 INFO L895 garLoopResultBuilder]: At program point L179(lines 174 182) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|))) [2022-07-19 17:25:09,004 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 692 715) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0))) (and (or .cse0 (not (= |old(~waterLevel~0)| 1)) (and .cse1 (= ~waterLevel~0 1))) (or .cse0 (and .cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) (not (<= 2 |old(~waterLevel~0)|))))) [2022-07-19 17:25:09,004 INFO L895 garLoopResultBuilder]: At program point L654(lines 649 656) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|))) [2022-07-19 17:25:09,004 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 692 715) no Hoare annotation was computed. [2022-07-19 17:25:09,004 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 653) no Hoare annotation was computed. [2022-07-19 17:25:09,004 INFO L899 garLoopResultBuilder]: For program point L101(lines 101 105) no Hoare annotation was computed. [2022-07-19 17:25:09,004 INFO L895 garLoopResultBuilder]: At program point L836(lines 821 839) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|))) [2022-07-19 17:25:09,004 INFO L895 garLoopResultBuilder]: At program point L101-2(lines 97 108) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|))) [2022-07-19 17:25:09,004 INFO L902 garLoopResultBuilder]: At program point L192(line 192) the Hoare annotation is: true [2022-07-19 17:25:09,004 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 186 215) no Hoare annotation was computed. [2022-07-19 17:25:09,004 INFO L899 garLoopResultBuilder]: For program point L192-1(line 192) no Hoare annotation was computed. [2022-07-19 17:25:09,004 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 186 215) the Hoare annotation is: true [2022-07-19 17:25:09,004 INFO L902 garLoopResultBuilder]: At program point L211(lines 186 215) the Hoare annotation is: true [2022-07-19 17:25:09,004 INFO L899 garLoopResultBuilder]: For program point L207(line 207) no Hoare annotation was computed. [2022-07-19 17:25:09,004 INFO L899 garLoopResultBuilder]: For program point L200(lines 200 204) no Hoare annotation was computed. [2022-07-19 17:25:09,005 INFO L902 garLoopResultBuilder]: At program point L200-1(lines 200 204) the Hoare annotation is: true [2022-07-19 17:25:09,005 INFO L899 garLoopResultBuilder]: For program point L197(line 197) no Hoare annotation was computed. [2022-07-19 17:25:09,005 INFO L902 garLoopResultBuilder]: At program point L196-2(lines 196 210) the Hoare annotation is: true [2022-07-19 17:25:09,005 INFO L902 garLoopResultBuilder]: At program point L927(lines 864 931) the Hoare annotation is: true [2022-07-19 17:25:09,005 INFO L899 garLoopResultBuilder]: For program point L894(lines 894 900) no Hoare annotation was computed. [2022-07-19 17:25:09,005 INFO L899 garLoopResultBuilder]: For program point L894-1(lines 894 900) no Hoare annotation was computed. [2022-07-19 17:25:09,005 INFO L895 garLoopResultBuilder]: At program point L886(line 886) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and (= ~waterLevel~0 |ULTIMATE.start_main_~tmp~0#1|) .cse0 (= |ULTIMATE.start_valid_product_#res#1| ~waterLevel~0) .cse1 (= ~waterLevel~0 1)) (and .cse0 (<= 2 ~waterLevel~0) .cse1))) [2022-07-19 17:25:09,005 INFO L899 garLoopResultBuilder]: For program point L-1(line -1) no Hoare annotation was computed. [2022-07-19 17:25:09,005 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startENTRY(line -1) no Hoare annotation was computed. [2022-07-19 17:25:09,005 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startFINAL(line -1) no Hoare annotation was computed. [2022-07-19 17:25:09,005 INFO L895 garLoopResultBuilder]: At program point L924(lines 873 925) the Hoare annotation is: false [2022-07-19 17:25:09,005 INFO L899 garLoopResultBuilder]: For program point L912(lines 912 918) no Hoare annotation was computed. [2022-07-19 17:25:09,005 INFO L895 garLoopResultBuilder]: At program point L846(line 846) the Hoare annotation is: false [2022-07-19 17:25:09,005 INFO L895 garLoopResultBuilder]: At program point L912-2(lines 904 919) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and (= ~waterLevel~0 |ULTIMATE.start_main_~tmp~0#1|) .cse0 (= |ULTIMATE.start_valid_product_#res#1| ~waterLevel~0) .cse1 (= ~waterLevel~0 1)) (and .cse0 (<= 2 ~waterLevel~0) .cse1))) [2022-07-19 17:25:09,005 INFO L899 garLoopResultBuilder]: For program point L875(lines 874 923) no Hoare annotation was computed. [2022-07-19 17:25:09,005 INFO L899 garLoopResultBuilder]: For program point L904(lines 904 919) no Hoare annotation was computed. [2022-07-19 17:25:09,006 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-07-19 17:25:09,006 INFO L895 garLoopResultBuilder]: At program point L896(line 896) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and (= ~waterLevel~0 |ULTIMATE.start_main_~tmp~0#1|) .cse0 (= |ULTIMATE.start_valid_product_#res#1| ~waterLevel~0) .cse1 (= ~waterLevel~0 1)) (and .cse0 (<= 2 ~waterLevel~0) .cse1))) [2022-07-19 17:25:09,006 INFO L902 garLoopResultBuilder]: At program point L256(lines 249 258) the Hoare annotation is: true [2022-07-19 17:25:09,006 INFO L895 garLoopResultBuilder]: At program point L921(lines 874 923) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and (= ~waterLevel~0 |ULTIMATE.start_main_~tmp~0#1|) .cse0 (= |ULTIMATE.start_valid_product_#res#1| ~waterLevel~0) .cse1 (= ~waterLevel~0 1)) (and .cse0 (<= 2 ~waterLevel~0) .cse1))) [2022-07-19 17:25:09,006 INFO L899 garLoopResultBuilder]: For program point L884(lines 884 890) no Hoare annotation was computed. [2022-07-19 17:25:09,006 INFO L895 garLoopResultBuilder]: At program point L83(lines 78 86) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-19 17:25:09,006 INFO L899 garLoopResultBuilder]: For program point L884-1(lines 884 890) no Hoare annotation was computed. [2022-07-19 17:25:09,006 INFO L899 garLoopResultBuilder]: For program point L269(lines 269 276) no Hoare annotation was computed. [2022-07-19 17:25:09,006 INFO L899 garLoopResultBuilder]: For program point L876(lines 876 880) no Hoare annotation was computed. [2022-07-19 17:25:09,006 INFO L895 garLoopResultBuilder]: At program point L75(lines 71 77) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-19 17:25:09,006 INFO L899 garLoopResultBuilder]: For program point L269-2(lines 269 276) no Hoare annotation was computed. [2022-07-19 17:25:09,006 INFO L895 garLoopResultBuilder]: At program point L860(lines 855 862) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 (<= 2 ~waterLevel~0) .cse1 .cse2) (and (= ~waterLevel~0 |ULTIMATE.start_main_~tmp~0#1|) .cse0 (= |ULTIMATE.start_valid_product_#res#1| ~waterLevel~0) .cse1 .cse2 (= ~waterLevel~0 1)))) [2022-07-19 17:25:09,006 INFO L902 garLoopResultBuilder]: At program point L278(lines 259 281) the Hoare annotation is: true [2022-07-19 17:25:09,006 INFO L895 garLoopResultBuilder]: At program point L245(lines 241 247) the Hoare annotation is: (and (= |ULTIMATE.start_main_~tmp~0#1| ~systemActive~0) (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-19 17:25:09,006 INFO L895 garLoopResultBuilder]: At program point L852(lines 840 854) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and (= ~waterLevel~0 |ULTIMATE.start_main_~tmp~0#1|) .cse0 (= |ULTIMATE.start_valid_product_#res#1| ~waterLevel~0) .cse1 (= ~waterLevel~0 1)) (and .cse0 (<= 2 ~waterLevel~0) .cse1))) [2022-07-19 17:25:09,007 INFO L899 garLoopResultBuilder]: For program point L844(lines 844 850) no Hoare annotation was computed. [2022-07-19 17:25:09,007 INFO L899 garLoopResultBuilder]: For program point L844-1(lines 844 850) no Hoare annotation was computed. [2022-07-19 17:25:09,007 INFO L895 garLoopResultBuilder]: At program point L68(lines 64 70) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-19 17:25:09,007 INFO L899 garLoopResultBuilder]: For program point L113-1(lines 109 120) no Hoare annotation was computed. [2022-07-19 17:25:09,007 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 109 120) no Hoare annotation was computed. [2022-07-19 17:25:09,007 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 109 120) the Hoare annotation is: (let ((.cse0 (not (= ~pumpRunning~0 0)))) (and (or .cse0 (= |old(~waterLevel~0)| ~waterLevel~0) (not (<= 2 |old(~waterLevel~0)|))) (or .cse0 (not (= |old(~waterLevel~0)| 1)) (= ~waterLevel~0 1)))) [2022-07-19 17:25:09,009 INFO L356 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1] [2022-07-19 17:25:09,010 INFO L176 ceAbstractionStarter]: Computing trace abstraction results [2022-07-19 17:25:09,024 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 19.07 05:25:09 BoogieIcfgContainer [2022-07-19 17:25:09,024 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-07-19 17:25:09,025 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-07-19 17:25:09,025 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-07-19 17:25:09,025 INFO L275 PluginConnector]: Witness Printer initialized [2022-07-19 17:25:09,026 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 19.07 05:25:06" (3/4) ... [2022-07-19 17:25:09,028 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-07-19 17:25:09,032 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2022-07-19 17:25:09,032 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-07-19 17:25:09,032 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-07-19 17:25:09,032 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-07-19 17:25:09,032 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-07-19 17:25:09,032 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-07-19 17:25:09,037 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 50 nodes and edges [2022-07-19 17:25:09,037 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 22 nodes and edges [2022-07-19 17:25:09,037 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 11 nodes and edges [2022-07-19 17:25:09,037 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-07-19 17:25:09,038 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 2 nodes and edges [2022-07-19 17:25:09,038 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-07-19 17:25:09,038 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-07-19 17:25:09,054 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((pumpRunning == 0 && 1 == systemActive) && \result == systemActive) && waterLevel == 1 [2022-07-19 17:25:09,054 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((tmp == systemActive && pumpRunning == 0) && 1 == systemActive) && \result == systemActive) && waterLevel == 1 [2022-07-19 17:25:09,054 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((waterLevel == tmp && pumpRunning == 0) && \result == waterLevel) && splverifierCounter == 0) && waterLevel == 1) || ((pumpRunning == 0 && 2 <= waterLevel) && splverifierCounter == 0) [2022-07-19 17:25:09,055 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) [2022-07-19 17:25:09,055 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((pumpRunning == 0 && waterLevel == 1) && !(0 == systemActive)) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) && ((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && !(0 == systemActive))) || !(2 <= \old(waterLevel))) [2022-07-19 17:25:09,055 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((pumpRunning == 0 && 2 <= waterLevel) && 1 == systemActive) && splverifierCounter == 0) || (((((waterLevel == tmp && pumpRunning == 0) && \result == waterLevel) && 1 == systemActive) && splverifierCounter == 0) && waterLevel == 1) [2022-07-19 17:25:09,056 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && !(\result == 0)) && \old(waterLevel) == waterLevel)) || !(2 <= \old(waterLevel))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || ((pumpRunning == 0 && !(\result == 0)) && waterLevel == 1)) [2022-07-19 17:25:09,056 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((waterLevel == tmp && pumpRunning == 0) && \result == waterLevel) && splverifierCounter == 0) && waterLevel == 1) || ((pumpRunning == 0 && 2 <= waterLevel) && splverifierCounter == 0) [2022-07-19 17:25:09,056 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (((pumpRunning == 0 && !(tmp == 0)) && !(\result == 0)) && waterLevel == 1)) && ((!(\old(pumpRunning) == 0) || (((pumpRunning == 0 && !(tmp == 0)) && !(\result == 0)) && \old(waterLevel) == waterLevel)) || !(2 <= \old(waterLevel))) [2022-07-19 17:25:09,056 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) [2022-07-19 17:25:09,056 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) [2022-07-19 17:25:09,057 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) [2022-07-19 17:25:09,057 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) [2022-07-19 17:25:09,068 INFO L141 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2022-07-19 17:25:09,068 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-07-19 17:25:09,068 INFO L158 Benchmark]: Toolchain (without parser) took 3710.71ms. Allocated memory was 113.2MB in the beginning and 163.6MB in the end (delta: 50.3MB). Free memory was 84.6MB in the beginning and 54.2MB in the end (delta: 30.4MB). Peak memory consumption was 81.0MB. Max. memory is 16.1GB. [2022-07-19 17:25:09,068 INFO L158 Benchmark]: CDTParser took 0.17ms. Allocated memory is still 113.2MB. Free memory is still 69.5MB. There was no memory consumed. Max. memory is 16.1GB. [2022-07-19 17:25:09,069 INFO L158 Benchmark]: CACSL2BoogieTranslator took 411.82ms. Allocated memory is still 113.2MB. Free memory was 84.4MB in the beginning and 78.6MB in the end (delta: 5.8MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2022-07-19 17:25:09,069 INFO L158 Benchmark]: Boogie Procedure Inliner took 38.33ms. Allocated memory is still 113.2MB. Free memory was 78.6MB in the beginning and 76.3MB in the end (delta: 2.3MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-07-19 17:25:09,069 INFO L158 Benchmark]: Boogie Preprocessor took 18.24ms. Allocated memory is still 113.2MB. Free memory was 76.3MB in the beginning and 74.6MB in the end (delta: 1.7MB). There was no memory consumed. Max. memory is 16.1GB. [2022-07-19 17:25:09,069 INFO L158 Benchmark]: RCFGBuilder took 422.39ms. Allocated memory is still 113.2MB. Free memory was 74.6MB in the beginning and 59.5MB in the end (delta: 15.1MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2022-07-19 17:25:09,070 INFO L158 Benchmark]: TraceAbstraction took 2770.60ms. Allocated memory was 113.2MB in the beginning and 163.6MB in the end (delta: 50.3MB). Free memory was 58.9MB in the beginning and 59.4MB in the end (delta: -545.1kB). Peak memory consumption was 50.8MB. Max. memory is 16.1GB. [2022-07-19 17:25:09,070 INFO L158 Benchmark]: Witness Printer took 43.09ms. Allocated memory is still 163.6MB. Free memory was 59.4MB in the beginning and 54.2MB in the end (delta: 5.2MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2022-07-19 17:25:09,071 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.17ms. Allocated memory is still 113.2MB. Free memory is still 69.5MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 411.82ms. Allocated memory is still 113.2MB. Free memory was 84.4MB in the beginning and 78.6MB in the end (delta: 5.8MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 38.33ms. Allocated memory is still 113.2MB. Free memory was 78.6MB in the beginning and 76.3MB in the end (delta: 2.3MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 18.24ms. Allocated memory is still 113.2MB. Free memory was 76.3MB in the beginning and 74.6MB in the end (delta: 1.7MB). There was no memory consumed. Max. memory is 16.1GB. * RCFGBuilder took 422.39ms. Allocated memory is still 113.2MB. Free memory was 74.6MB in the beginning and 59.5MB in the end (delta: 15.1MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * TraceAbstraction took 2770.60ms. Allocated memory was 113.2MB in the beginning and 163.6MB in the end (delta: 50.3MB). Free memory was 58.9MB in the beginning and 59.4MB in the end (delta: -545.1kB). Peak memory consumption was 50.8MB. Max. memory is 16.1GB. * Witness Printer took 43.09ms. Allocated memory is still 163.6MB. Free memory was 59.4MB in the beginning and 54.2MB in the end (delta: 5.2MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 653]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 7 procedures, 77 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 2.7s, OverallIterations: 6, TraceHistogramMax: 2, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 0.6s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.7s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 549 SdHoareTripleChecker+Valid, 0.3s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 545 mSDsluCounter, 1579 SdHoareTripleChecker+Invalid, 0.2s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 1114 mSDsCounter, 99 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 405 IncrementalHoareTripleChecker+Invalid, 504 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 99 mSolverCounterUnsat, 465 mSDtfsCounter, 405 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 153 GetRequests, 114 SyntacticMatches, 1 SemanticMatches, 38 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 60 ImplicationChecksByTransitivity, 0.3s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=378occurred in iteration=4, InterpolantAutomatonStates: 32, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.1s AutomataMinimizationTime, 6 MinimizatonAttempts, 43 StatesRemovedByMinimization, 3 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 36 LocationsWithAnnotation, 486 PreInvPairs, 546 NumberOfFragments, 523 HoareAnnotationTreeSize, 486 FomulaSimplifications, 289 FormulaSimplificationTreeSizeReduction, 0.1s HoareSimplificationTime, 36 FomulaSimplificationsInter, 2313 FormulaSimplificationTreeSizeReductionInter, 0.6s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.1s SatisfiabilityAnalysisTime, 0.6s InterpolantComputationTime, 230 NumberOfCodeBlocks, 230 NumberOfCodeBlocksAsserted, 7 NumberOfCheckSat, 276 ConstructedInterpolants, 0 QuantifiedInterpolants, 753 SizeOfPredicates, 0 NumberOfNonLiveVariables, 370 ConjunctsInSsa, 9 ConjunctsInUnsatCore, 8 InterpolantComputations, 5 PerfectInterpolantSequences, 51/57 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 873]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 249]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 97]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) - InvariantResult [Line: 174]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) - InvariantResult [Line: 659]: Loop Invariant Derived loop invariant: ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (((pumpRunning == 0 && !(tmp == 0)) && !(\result == 0)) && waterLevel == 1)) && ((!(\old(pumpRunning) == 0) || (((pumpRunning == 0 && !(tmp == 0)) && !(\result == 0)) && \old(waterLevel) == waterLevel)) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 78]: Loop Invariant Derived loop invariant: ((pumpRunning == 0 && 1 == systemActive) && \result == systemActive) && waterLevel == 1 - InvariantResult [Line: 855]: Loop Invariant Derived loop invariant: (((pumpRunning == 0 && 2 <= waterLevel) && 1 == systemActive) && splverifierCounter == 0) || (((((waterLevel == tmp && pumpRunning == 0) && \result == waterLevel) && 1 == systemActive) && splverifierCounter == 0) && waterLevel == 1) - InvariantResult [Line: 64]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 165]: Loop Invariant Derived loop invariant: ((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && !(\result == 0)) && \old(waterLevel) == waterLevel)) || !(2 <= \old(waterLevel))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || ((pumpRunning == 0 && !(\result == 0)) && waterLevel == 1)) - InvariantResult [Line: 776]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) - InvariantResult [Line: 724]: Loop Invariant Derived loop invariant: ((((pumpRunning == 0 && waterLevel == 1) && !(0 == systemActive)) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) && ((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && !(0 == systemActive))) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 649]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) - InvariantResult [Line: 874]: Loop Invariant Derived loop invariant: ((((waterLevel == tmp && pumpRunning == 0) && \result == waterLevel) && splverifierCounter == 0) && waterLevel == 1) || ((pumpRunning == 0 && 2 <= waterLevel) && splverifierCounter == 0) - InvariantResult [Line: 821]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) - InvariantResult [Line: 71]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 241]: Loop Invariant Derived loop invariant: (((tmp == systemActive && pumpRunning == 0) && 1 == systemActive) && \result == systemActive) && waterLevel == 1 - InvariantResult [Line: 196]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 864]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 186]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 840]: Loop Invariant Derived loop invariant: ((((waterLevel == tmp && pumpRunning == 0) && \result == waterLevel) && splverifierCounter == 0) && waterLevel == 1) || ((pumpRunning == 0 && 2 <= waterLevel) && splverifierCounter == 0) - InvariantResult [Line: 259]: Loop Invariant Derived loop invariant: 1 RESULT: Ultimate proved your program to be correct! [2022-07-19 17:25:09,103 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE