./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec5_product15.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version eb692b52 Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec5_product15.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash d8f3facefcf920bf8f8138d914907ca196bce75367abcd95ac8ef69b29697377 --- Real Ultimate output --- This is Ultimate 0.2.2-?-eb692b5 [2022-07-19 17:25:44,508 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-07-19 17:25:44,509 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-07-19 17:25:44,540 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-07-19 17:25:44,542 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-07-19 17:25:44,543 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-07-19 17:25:44,560 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-07-19 17:25:44,561 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-07-19 17:25:44,562 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-07-19 17:25:44,563 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-07-19 17:25:44,563 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-07-19 17:25:44,564 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-07-19 17:25:44,564 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-07-19 17:25:44,565 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-07-19 17:25:44,566 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-07-19 17:25:44,566 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-07-19 17:25:44,567 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-07-19 17:25:44,568 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-07-19 17:25:44,569 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-07-19 17:25:44,570 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-07-19 17:25:44,571 INFO L181 SettingsManager]: Resetting HornVerifier preferences to default values [2022-07-19 17:25:44,584 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-07-19 17:25:44,585 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-07-19 17:25:44,585 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-07-19 17:25:44,586 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-07-19 17:25:44,588 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-07-19 17:25:44,588 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-07-19 17:25:44,588 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-07-19 17:25:44,589 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-07-19 17:25:44,589 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-07-19 17:25:44,590 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-07-19 17:25:44,590 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-07-19 17:25:44,591 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-07-19 17:25:44,591 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-07-19 17:25:44,592 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-07-19 17:25:44,592 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-07-19 17:25:44,592 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-07-19 17:25:44,593 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-07-19 17:25:44,593 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-07-19 17:25:44,593 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-07-19 17:25:44,594 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-07-19 17:25:44,595 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-07-19 17:25:44,596 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2022-07-19 17:25:44,627 INFO L113 SettingsManager]: Loading preferences was successful [2022-07-19 17:25:44,633 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-07-19 17:25:44,634 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-07-19 17:25:44,634 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-07-19 17:25:44,635 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-07-19 17:25:44,635 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-07-19 17:25:44,635 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-07-19 17:25:44,635 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-07-19 17:25:44,636 INFO L138 SettingsManager]: * Use SBE=true [2022-07-19 17:25:44,636 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-07-19 17:25:44,636 INFO L138 SettingsManager]: * sizeof long=4 [2022-07-19 17:25:44,636 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-07-19 17:25:44,636 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-07-19 17:25:44,636 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-07-19 17:25:44,637 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-07-19 17:25:44,637 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-07-19 17:25:44,637 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-07-19 17:25:44,637 INFO L138 SettingsManager]: * sizeof long double=12 [2022-07-19 17:25:44,637 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-07-19 17:25:44,637 INFO L138 SettingsManager]: * Use constant arrays=true [2022-07-19 17:25:44,638 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-07-19 17:25:44,638 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-07-19 17:25:44,638 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-07-19 17:25:44,638 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-07-19 17:25:44,638 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-07-19 17:25:44,639 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-07-19 17:25:44,639 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-07-19 17:25:44,639 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-07-19 17:25:44,639 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-07-19 17:25:44,639 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-07-19 17:25:44,639 INFO L138 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2022-07-19 17:25:44,640 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-07-19 17:25:44,640 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-07-19 17:25:44,640 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> d8f3facefcf920bf8f8138d914907ca196bce75367abcd95ac8ef69b29697377 [2022-07-19 17:25:44,834 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-07-19 17:25:44,854 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-07-19 17:25:44,857 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-07-19 17:25:44,858 INFO L271 PluginConnector]: Initializing CDTParser... [2022-07-19 17:25:44,858 INFO L275 PluginConnector]: CDTParser initialized [2022-07-19 17:25:44,859 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec5_product15.cil.c [2022-07-19 17:25:44,940 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/1144fedf2/81d227d783da4299a97d9f2291711630/FLAG827ccb484 [2022-07-19 17:25:45,346 INFO L306 CDTParser]: Found 1 translation units. [2022-07-19 17:25:45,346 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product15.cil.c [2022-07-19 17:25:45,354 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/1144fedf2/81d227d783da4299a97d9f2291711630/FLAG827ccb484 [2022-07-19 17:25:45,368 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/1144fedf2/81d227d783da4299a97d9f2291711630 [2022-07-19 17:25:45,370 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-07-19 17:25:45,372 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-07-19 17:25:45,373 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-07-19 17:25:45,373 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-07-19 17:25:45,375 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-07-19 17:25:45,376 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 19.07 05:25:45" (1/1) ... [2022-07-19 17:25:45,377 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@6baeafb and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:25:45, skipping insertion in model container [2022-07-19 17:25:45,377 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 19.07 05:25:45" (1/1) ... [2022-07-19 17:25:45,382 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-07-19 17:25:45,412 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-07-19 17:25:45,611 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product15.cil.c[17325,17338] [2022-07-19 17:25:45,615 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-07-19 17:25:45,621 INFO L203 MainTranslator]: Completed pre-run [2022-07-19 17:25:45,661 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product15.cil.c[17325,17338] [2022-07-19 17:25:45,662 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-07-19 17:25:45,674 INFO L208 MainTranslator]: Completed translation [2022-07-19 17:25:45,675 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:25:45 WrapperNode [2022-07-19 17:25:45,675 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-07-19 17:25:45,676 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-07-19 17:25:45,676 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-07-19 17:25:45,676 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-07-19 17:25:45,681 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:25:45" (1/1) ... [2022-07-19 17:25:45,691 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:25:45" (1/1) ... [2022-07-19 17:25:45,709 INFO L137 Inliner]: procedures = 54, calls = 155, calls flagged for inlining = 21, calls inlined = 17, statements flattened = 221 [2022-07-19 17:25:45,710 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-07-19 17:25:45,710 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-07-19 17:25:45,710 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-07-19 17:25:45,710 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-07-19 17:25:45,716 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:25:45" (1/1) ... [2022-07-19 17:25:45,717 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:25:45" (1/1) ... [2022-07-19 17:25:45,719 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:25:45" (1/1) ... [2022-07-19 17:25:45,719 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:25:45" (1/1) ... [2022-07-19 17:25:45,723 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:25:45" (1/1) ... [2022-07-19 17:25:45,727 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:25:45" (1/1) ... [2022-07-19 17:25:45,728 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:25:45" (1/1) ... [2022-07-19 17:25:45,730 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-07-19 17:25:45,731 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-07-19 17:25:45,731 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-07-19 17:25:45,731 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-07-19 17:25:45,739 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:25:45" (1/1) ... [2022-07-19 17:25:45,745 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-07-19 17:25:45,754 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-07-19 17:25:45,786 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-07-19 17:25:45,793 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-07-19 17:25:45,823 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-07-19 17:25:45,823 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-07-19 17:25:45,824 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-07-19 17:25:45,824 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-07-19 17:25:45,824 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-07-19 17:25:45,824 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-07-19 17:25:45,824 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-07-19 17:25:45,825 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__methaneQuery [2022-07-19 17:25:45,826 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__methaneQuery [2022-07-19 17:25:45,826 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2022-07-19 17:25:45,826 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2022-07-19 17:25:45,826 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2022-07-19 17:25:45,826 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2022-07-19 17:25:45,826 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2022-07-19 17:25:45,826 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2022-07-19 17:25:45,826 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-07-19 17:25:45,827 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-07-19 17:25:45,827 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-07-19 17:25:45,827 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-07-19 17:25:45,827 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-07-19 17:25:45,877 INFO L234 CfgBuilder]: Building ICFG [2022-07-19 17:25:45,878 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-07-19 17:25:46,123 INFO L275 CfgBuilder]: Performing block encoding [2022-07-19 17:25:46,128 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-07-19 17:25:46,129 INFO L299 CfgBuilder]: Removed 2 assume(true) statements. [2022-07-19 17:25:46,130 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 19.07 05:25:46 BoogieIcfgContainer [2022-07-19 17:25:46,131 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-07-19 17:25:46,145 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-07-19 17:25:46,145 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-07-19 17:25:46,148 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-07-19 17:25:46,148 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 19.07 05:25:45" (1/3) ... [2022-07-19 17:25:46,149 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@5a47dbc2 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 19.07 05:25:46, skipping insertion in model container [2022-07-19 17:25:46,149 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:25:45" (2/3) ... [2022-07-19 17:25:46,149 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@5a47dbc2 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 19.07 05:25:46, skipping insertion in model container [2022-07-19 17:25:46,149 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 19.07 05:25:46" (3/3) ... [2022-07-19 17:25:46,151 INFO L111 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product15.cil.c [2022-07-19 17:25:46,162 INFO L201 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-07-19 17:25:46,162 INFO L160 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-07-19 17:25:46,213 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-07-19 17:25:46,218 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=de.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings@6699c216, mLbeIndependenceSettings=de.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings@545913c [2022-07-19 17:25:46,218 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-07-19 17:25:46,222 INFO L276 IsEmpty]: Start isEmpty. Operand has 88 states, 65 states have (on average 1.353846153846154) internal successors, (88), 72 states have internal predecessors, (88), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 11 states have call predecessors, (13), 13 states have call successors, (13) [2022-07-19 17:25:46,230 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2022-07-19 17:25:46,230 INFO L187 NwaCegarLoop]: Found error trace [2022-07-19 17:25:46,231 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-19 17:25:46,231 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-19 17:25:46,235 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-19 17:25:46,235 INFO L85 PathProgramCache]: Analyzing trace with hash 1558425907, now seen corresponding path program 1 times [2022-07-19 17:25:46,242 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-19 17:25:46,242 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [68831788] [2022-07-19 17:25:46,242 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-19 17:25:46,243 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-19 17:25:46,329 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:46,387 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2022-07-19 17:25:46,389 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:46,392 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2022-07-19 17:25:46,395 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:46,397 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-07-19 17:25:46,398 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-19 17:25:46,398 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [68831788] [2022-07-19 17:25:46,398 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [68831788] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-19 17:25:46,398 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-19 17:25:46,399 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-07-19 17:25:46,400 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [748082529] [2022-07-19 17:25:46,401 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-19 17:25:46,404 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-07-19 17:25:46,404 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-19 17:25:46,428 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-07-19 17:25:46,430 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-07-19 17:25:46,433 INFO L87 Difference]: Start difference. First operand has 88 states, 65 states have (on average 1.353846153846154) internal successors, (88), 72 states have internal predecessors, (88), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 11 states have call predecessors, (13), 13 states have call successors, (13) Second operand has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-07-19 17:25:46,474 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-19 17:25:46,476 INFO L93 Difference]: Finished difference Result 167 states and 222 transitions. [2022-07-19 17:25:46,476 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-07-19 17:25:46,478 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 32 [2022-07-19 17:25:46,478 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-19 17:25:46,485 INFO L225 Difference]: With dead ends: 167 [2022-07-19 17:25:46,485 INFO L226 Difference]: Without dead ends: 79 [2022-07-19 17:25:46,489 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-07-19 17:25:46,492 INFO L413 NwaCegarLoop]: 108 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 108 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-19 17:25:46,493 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 108 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-19 17:25:46,505 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 79 states. [2022-07-19 17:25:46,528 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 79 to 79. [2022-07-19 17:25:46,530 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 79 states, 58 states have (on average 1.2758620689655173) internal successors, (74), 64 states have internal predecessors, (74), 13 states have call successors, (13), 8 states have call predecessors, (13), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) [2022-07-19 17:25:46,532 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 79 states to 79 states and 99 transitions. [2022-07-19 17:25:46,533 INFO L78 Accepts]: Start accepts. Automaton has 79 states and 99 transitions. Word has length 32 [2022-07-19 17:25:46,534 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-19 17:25:46,534 INFO L495 AbstractCegarLoop]: Abstraction has 79 states and 99 transitions. [2022-07-19 17:25:46,534 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-07-19 17:25:46,534 INFO L276 IsEmpty]: Start isEmpty. Operand 79 states and 99 transitions. [2022-07-19 17:25:46,537 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2022-07-19 17:25:46,537 INFO L187 NwaCegarLoop]: Found error trace [2022-07-19 17:25:46,537 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-19 17:25:46,537 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-07-19 17:25:46,538 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-19 17:25:46,538 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-19 17:25:46,539 INFO L85 PathProgramCache]: Analyzing trace with hash -1953448931, now seen corresponding path program 1 times [2022-07-19 17:25:46,539 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-19 17:25:46,539 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [287715779] [2022-07-19 17:25:46,539 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-19 17:25:46,539 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-19 17:25:46,561 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:46,601 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2022-07-19 17:25:46,603 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:46,604 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2022-07-19 17:25:46,606 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:46,607 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-07-19 17:25:46,608 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-19 17:25:46,608 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [287715779] [2022-07-19 17:25:46,608 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [287715779] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-19 17:25:46,608 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-19 17:25:46,608 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-07-19 17:25:46,609 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1377435485] [2022-07-19 17:25:46,609 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-19 17:25:46,610 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-07-19 17:25:46,610 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-19 17:25:46,610 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-07-19 17:25:46,611 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-19 17:25:46,611 INFO L87 Difference]: Start difference. First operand 79 states and 99 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-07-19 17:25:46,621 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-19 17:25:46,621 INFO L93 Difference]: Finished difference Result 119 states and 147 transitions. [2022-07-19 17:25:46,621 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-07-19 17:25:46,622 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 33 [2022-07-19 17:25:46,622 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-19 17:25:46,623 INFO L225 Difference]: With dead ends: 119 [2022-07-19 17:25:46,623 INFO L226 Difference]: Without dead ends: 70 [2022-07-19 17:25:46,623 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-19 17:25:46,624 INFO L413 NwaCegarLoop]: 86 mSDtfsCounter, 16 mSDsluCounter, 65 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 20 SdHoareTripleChecker+Valid, 151 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-19 17:25:46,625 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [20 Valid, 151 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-19 17:25:46,625 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 70 states. [2022-07-19 17:25:46,629 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 70 to 70. [2022-07-19 17:25:46,630 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 70 states, 52 states have (on average 1.2884615384615385) internal successors, (67), 58 states have internal predecessors, (67), 10 states have call successors, (10), 7 states have call predecessors, (10), 7 states have return successors, (10), 8 states have call predecessors, (10), 10 states have call successors, (10) [2022-07-19 17:25:46,630 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 70 states to 70 states and 87 transitions. [2022-07-19 17:25:46,631 INFO L78 Accepts]: Start accepts. Automaton has 70 states and 87 transitions. Word has length 33 [2022-07-19 17:25:46,631 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-19 17:25:46,631 INFO L495 AbstractCegarLoop]: Abstraction has 70 states and 87 transitions. [2022-07-19 17:25:46,631 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-07-19 17:25:46,631 INFO L276 IsEmpty]: Start isEmpty. Operand 70 states and 87 transitions. [2022-07-19 17:25:46,632 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 38 [2022-07-19 17:25:46,632 INFO L187 NwaCegarLoop]: Found error trace [2022-07-19 17:25:46,632 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-19 17:25:46,633 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-07-19 17:25:46,633 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-19 17:25:46,633 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-19 17:25:46,633 INFO L85 PathProgramCache]: Analyzing trace with hash -433715612, now seen corresponding path program 1 times [2022-07-19 17:25:46,633 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-19 17:25:46,634 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [680764836] [2022-07-19 17:25:46,634 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-19 17:25:46,634 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-19 17:25:46,650 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:46,690 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2022-07-19 17:25:46,692 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:46,694 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 29 [2022-07-19 17:25:46,694 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:46,696 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-07-19 17:25:46,696 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-19 17:25:46,696 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [680764836] [2022-07-19 17:25:46,696 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [680764836] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-19 17:25:46,696 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-19 17:25:46,696 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-07-19 17:25:46,696 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [729545599] [2022-07-19 17:25:46,696 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-19 17:25:46,697 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-07-19 17:25:46,697 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-19 17:25:46,697 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-07-19 17:25:46,697 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2022-07-19 17:25:46,697 INFO L87 Difference]: Start difference. First operand 70 states and 87 transitions. Second operand has 6 states, 6 states have (on average 5.0) internal successors, (30), 6 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-07-19 17:25:46,812 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-19 17:25:46,812 INFO L93 Difference]: Finished difference Result 240 states and 307 transitions. [2022-07-19 17:25:46,813 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-07-19 17:25:46,813 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.0) internal successors, (30), 6 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 37 [2022-07-19 17:25:46,813 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-19 17:25:46,814 INFO L225 Difference]: With dead ends: 240 [2022-07-19 17:25:46,815 INFO L226 Difference]: Without dead ends: 178 [2022-07-19 17:25:46,815 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=22, Invalid=34, Unknown=0, NotChecked=0, Total=56 [2022-07-19 17:25:46,816 INFO L413 NwaCegarLoop]: 110 mSDtfsCounter, 218 mSDsluCounter, 297 mSDsCounter, 0 mSdLazyCounter, 95 mSolverCounterSat, 32 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 218 SdHoareTripleChecker+Valid, 407 SdHoareTripleChecker+Invalid, 127 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 32 IncrementalHoareTripleChecker+Valid, 95 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-07-19 17:25:46,816 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [218 Valid, 407 Invalid, 127 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [32 Valid, 95 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-07-19 17:25:46,817 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 178 states. [2022-07-19 17:25:46,832 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 178 to 172. [2022-07-19 17:25:46,833 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 172 states, 126 states have (on average 1.3253968253968254) internal successors, (167), 140 states have internal predecessors, (167), 26 states have call successors, (26), 19 states have call predecessors, (26), 19 states have return successors, (27), 20 states have call predecessors, (27), 26 states have call successors, (27) [2022-07-19 17:25:46,834 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 172 states to 172 states and 220 transitions. [2022-07-19 17:25:46,834 INFO L78 Accepts]: Start accepts. Automaton has 172 states and 220 transitions. Word has length 37 [2022-07-19 17:25:46,834 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-19 17:25:46,834 INFO L495 AbstractCegarLoop]: Abstraction has 172 states and 220 transitions. [2022-07-19 17:25:46,834 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 5.0) internal successors, (30), 6 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-07-19 17:25:46,834 INFO L276 IsEmpty]: Start isEmpty. Operand 172 states and 220 transitions. [2022-07-19 17:25:46,835 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 43 [2022-07-19 17:25:46,836 INFO L187 NwaCegarLoop]: Found error trace [2022-07-19 17:25:46,836 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-19 17:25:46,836 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-07-19 17:25:46,836 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-19 17:25:46,836 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-19 17:25:46,836 INFO L85 PathProgramCache]: Analyzing trace with hash 73823245, now seen corresponding path program 1 times [2022-07-19 17:25:46,837 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-19 17:25:46,837 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2111767468] [2022-07-19 17:25:46,837 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-19 17:25:46,837 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-19 17:25:46,854 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:46,884 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2022-07-19 17:25:46,886 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:46,887 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2022-07-19 17:25:46,888 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:46,889 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 34 [2022-07-19 17:25:46,890 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:46,897 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-07-19 17:25:46,898 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-19 17:25:46,898 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2111767468] [2022-07-19 17:25:46,898 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2111767468] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-19 17:25:46,898 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-19 17:25:46,898 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-07-19 17:25:46,899 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [113279307] [2022-07-19 17:25:46,899 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-19 17:25:46,899 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-07-19 17:25:46,899 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-19 17:25:46,900 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-07-19 17:25:46,900 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-07-19 17:25:46,900 INFO L87 Difference]: Start difference. First operand 172 states and 220 transitions. Second operand has 6 states, 6 states have (on average 5.833333333333333) internal successors, (35), 5 states have internal predecessors, (35), 1 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-07-19 17:25:46,949 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-19 17:25:46,949 INFO L93 Difference]: Finished difference Result 304 states and 394 transitions. [2022-07-19 17:25:46,949 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-07-19 17:25:46,950 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.833333333333333) internal successors, (35), 5 states have internal predecessors, (35), 1 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) Word has length 42 [2022-07-19 17:25:46,950 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-19 17:25:46,950 INFO L225 Difference]: With dead ends: 304 [2022-07-19 17:25:46,950 INFO L226 Difference]: Without dead ends: 0 [2022-07-19 17:25:46,952 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 14 GetRequests, 7 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2022-07-19 17:25:46,952 INFO L413 NwaCegarLoop]: 58 mSDtfsCounter, 33 mSDsluCounter, 154 mSDsCounter, 0 mSdLazyCounter, 37 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 34 SdHoareTripleChecker+Valid, 212 SdHoareTripleChecker+Invalid, 41 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 37 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-19 17:25:46,953 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [34 Valid, 212 Invalid, 41 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 37 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-19 17:25:46,953 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-07-19 17:25:46,953 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-07-19 17:25:46,953 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-19 17:25:46,954 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-07-19 17:25:46,954 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 42 [2022-07-19 17:25:46,954 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-19 17:25:46,954 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-07-19 17:25:46,954 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 5.833333333333333) internal successors, (35), 5 states have internal predecessors, (35), 1 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-07-19 17:25:46,954 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-07-19 17:25:46,955 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-07-19 17:25:46,956 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-07-19 17:25:46,957 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-07-19 17:25:46,958 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-07-19 17:25:47,259 INFO L902 garLoopResultBuilder]: At program point deactivatePumpENTRY(lines 619 626) the Hoare annotation is: true [2022-07-19 17:25:47,261 INFO L899 garLoopResultBuilder]: For program point deactivatePumpEXIT(lines 619 626) no Hoare annotation was computed. [2022-07-19 17:25:47,261 INFO L899 garLoopResultBuilder]: For program point deactivatePumpFINAL(lines 619 626) no Hoare annotation was computed. [2022-07-19 17:25:47,261 INFO L899 garLoopResultBuilder]: For program point L832-1(lines 828 839) no Hoare annotation was computed. [2022-07-19 17:25:47,261 INFO L902 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 828 839) the Hoare annotation is: true [2022-07-19 17:25:47,261 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 828 839) no Hoare annotation was computed. [2022-07-19 17:25:47,261 INFO L899 garLoopResultBuilder]: For program point L923(lines 923 929) no Hoare annotation was computed. [2022-07-19 17:25:47,261 INFO L899 garLoopResultBuilder]: For program point L886(line 886) no Hoare annotation was computed. [2022-07-19 17:25:47,262 INFO L895 garLoopResultBuilder]: At program point L907(lines 900 909) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0)) [2022-07-19 17:25:47,262 INFO L899 garLoopResultBuilder]: For program point L808(lines 808 812) no Hoare annotation was computed. [2022-07-19 17:25:47,263 INFO L899 garLoopResultBuilder]: For program point timeShiftFINAL(lines 534 560) no Hoare annotation was computed. [2022-07-19 17:25:47,264 INFO L895 garLoopResultBuilder]: At program point L808-2(lines 804 815) the Hoare annotation is: (not (= |old(~pumpRunning~0)| 0)) [2022-07-19 17:25:47,264 INFO L899 garLoopResultBuilder]: For program point L548-1(lines 548 554) no Hoare annotation was computed. [2022-07-19 17:25:47,264 INFO L899 garLoopResultBuilder]: For program point L577(lines 577 585) no Hoare annotation was computed. [2022-07-19 17:25:47,264 INFO L899 garLoopResultBuilder]: For program point L573(lines 573 590) no Hoare annotation was computed. [2022-07-19 17:25:47,264 INFO L895 garLoopResultBuilder]: At program point L920(line 920) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0)) [2022-07-19 17:25:47,264 INFO L899 garLoopResultBuilder]: For program point L920-1(line 920) no Hoare annotation was computed. [2022-07-19 17:25:47,264 INFO L895 garLoopResultBuilder]: At program point L887(lines 882 889) the Hoare annotation is: (not (= |old(~pumpRunning~0)| 0)) [2022-07-19 17:25:47,265 INFO L899 garLoopResultBuilder]: For program point L541(lines 541 547) no Hoare annotation was computed. [2022-07-19 17:25:47,265 INFO L899 garLoopResultBuilder]: For program point L541-2(lines 537 559) no Hoare annotation was computed. [2022-07-19 17:25:47,265 INFO L895 garLoopResultBuilder]: At program point L905(line 905) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0)) [2022-07-19 17:25:47,265 INFO L899 garLoopResultBuilder]: For program point L905-1(line 905) no Hoare annotation was computed. [2022-07-19 17:25:47,265 INFO L895 garLoopResultBuilder]: At program point L583(line 583) the Hoare annotation is: (not (= |old(~pumpRunning~0)| 0)) [2022-07-19 17:25:47,265 INFO L895 garLoopResultBuilder]: At program point L579(line 579) the Hoare annotation is: (not (= |old(~pumpRunning~0)| 0)) [2022-07-19 17:25:47,268 INFO L895 garLoopResultBuilder]: At program point L575(line 575) the Hoare annotation is: (not (= |old(~pumpRunning~0)| 0)) [2022-07-19 17:25:47,268 INFO L899 garLoopResultBuilder]: For program point L575-1(line 575) no Hoare annotation was computed. [2022-07-19 17:25:47,269 INFO L899 garLoopResultBuilder]: For program point L922(lines 922 932) no Hoare annotation was computed. [2022-07-19 17:25:47,269 INFO L899 garLoopResultBuilder]: For program point L918(lines 918 935) no Hoare annotation was computed. [2022-07-19 17:25:47,269 INFO L895 garLoopResultBuilder]: At program point L918-1(lines 910 938) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0)) [2022-07-19 17:25:47,269 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 534 560) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0)) [2022-07-19 17:25:47,269 INFO L895 garLoopResultBuilder]: At program point L877(lines 872 880) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0)) [2022-07-19 17:25:47,269 INFO L895 garLoopResultBuilder]: At program point L588(line 588) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (and (= ~pumpRunning~0 0) (not (= 0 ~systemActive~0)))) [2022-07-19 17:25:47,269 INFO L895 garLoopResultBuilder]: At program point L588-1(lines 569 593) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (and (= ~pumpRunning~0 0) (not (= 0 ~systemActive~0)))) [2022-07-19 17:25:47,270 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 534 560) no Hoare annotation was computed. [2022-07-19 17:25:47,270 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 886) no Hoare annotation was computed. [2022-07-19 17:25:47,270 INFO L902 garLoopResultBuilder]: At program point L66-1(lines 66 70) the Hoare annotation is: true [2022-07-19 17:25:47,270 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 52 81) no Hoare annotation was computed. [2022-07-19 17:25:47,270 INFO L899 garLoopResultBuilder]: For program point L63(line 63) no Hoare annotation was computed. [2022-07-19 17:25:47,270 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 52 81) the Hoare annotation is: true [2022-07-19 17:25:47,270 INFO L902 garLoopResultBuilder]: At program point L62-2(lines 62 76) the Hoare annotation is: true [2022-07-19 17:25:47,271 INFO L902 garLoopResultBuilder]: At program point L58(line 58) the Hoare annotation is: true [2022-07-19 17:25:47,271 INFO L899 garLoopResultBuilder]: For program point L58-1(line 58) no Hoare annotation was computed. [2022-07-19 17:25:47,271 INFO L902 garLoopResultBuilder]: At program point L77(lines 52 81) the Hoare annotation is: true [2022-07-19 17:25:47,271 INFO L899 garLoopResultBuilder]: For program point L73(line 73) no Hoare annotation was computed. [2022-07-19 17:25:47,271 INFO L899 garLoopResultBuilder]: For program point L66(lines 66 70) no Hoare annotation was computed. [2022-07-19 17:25:47,271 INFO L902 garLoopResultBuilder]: At program point L126(lines 118 128) the Hoare annotation is: true [2022-07-19 17:25:47,271 INFO L899 garLoopResultBuilder]: For program point L729(lines 729 735) no Hoare annotation was computed. [2022-07-19 17:25:47,272 INFO L899 garLoopResultBuilder]: For program point L729-1(lines 729 735) no Hoare annotation was computed. [2022-07-19 17:25:47,272 INFO L902 garLoopResultBuilder]: At program point L151(lines 132 154) the Hoare annotation is: true [2022-07-19 17:25:47,272 INFO L895 garLoopResultBuilder]: At program point L754(lines 709 756) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) [2022-07-19 17:25:47,272 INFO L895 garLoopResultBuilder]: At program point L721(line 721) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) [2022-07-19 17:25:47,272 INFO L899 garLoopResultBuilder]: For program point L-1(line -1) no Hoare annotation was computed. [2022-07-19 17:25:47,272 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startENTRY(line -1) no Hoare annotation was computed. [2022-07-19 17:25:47,272 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startFINAL(line -1) no Hoare annotation was computed. [2022-07-19 17:25:47,273 INFO L895 garLoopResultBuilder]: At program point L796(lines 791 799) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0)) [2022-07-19 17:25:47,273 INFO L895 garLoopResultBuilder]: At program point L788(lines 784 790) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0)) [2022-07-19 17:25:47,273 INFO L895 garLoopResultBuilder]: At program point L689(line 689) the Hoare annotation is: false [2022-07-19 17:25:47,273 INFO L899 garLoopResultBuilder]: For program point L710(lines 709 756) no Hoare annotation was computed. [2022-07-19 17:25:47,273 INFO L899 garLoopResultBuilder]: For program point L739(lines 739 752) no Hoare annotation was computed. [2022-07-19 17:25:47,273 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-07-19 17:25:47,273 INFO L895 garLoopResultBuilder]: At program point L731(line 731) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) [2022-07-19 17:25:47,274 INFO L902 garLoopResultBuilder]: At program point L760(lines 699 764) the Hoare annotation is: true [2022-07-19 17:25:47,274 INFO L899 garLoopResultBuilder]: For program point L719(lines 719 725) no Hoare annotation was computed. [2022-07-19 17:25:47,274 INFO L899 garLoopResultBuilder]: For program point L719-1(lines 719 725) no Hoare annotation was computed. [2022-07-19 17:25:47,274 INFO L895 garLoopResultBuilder]: At program point L781(lines 777 783) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0)) [2022-07-19 17:25:47,274 INFO L899 garLoopResultBuilder]: For program point L711(lines 711 715) no Hoare annotation was computed. [2022-07-19 17:25:47,274 INFO L895 garLoopResultBuilder]: At program point L897(lines 892 899) the Hoare annotation is: (and (= |ULTIMATE.start_main_~tmp~0#1| ~systemActive~0) (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0)) [2022-07-19 17:25:47,274 INFO L895 garLoopResultBuilder]: At program point L695(lines 683 697) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) [2022-07-19 17:25:47,275 INFO L895 garLoopResultBuilder]: At program point L757(lines 708 758) the Hoare annotation is: false [2022-07-19 17:25:47,275 INFO L895 garLoopResultBuilder]: At program point L113(lines 109 115) the Hoare annotation is: (and (= |ULTIMATE.start_main_~tmp~0#1| ~systemActive~0) (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0)) [2022-07-19 17:25:47,275 INFO L899 garLoopResultBuilder]: For program point L687(lines 687 693) no Hoare annotation was computed. [2022-07-19 17:25:47,275 INFO L899 garLoopResultBuilder]: For program point L142(lines 142 149) no Hoare annotation was computed. [2022-07-19 17:25:47,275 INFO L899 garLoopResultBuilder]: For program point L687-1(lines 687 693) no Hoare annotation was computed. [2022-07-19 17:25:47,275 INFO L899 garLoopResultBuilder]: For program point L142-2(lines 142 149) no Hoare annotation was computed. [2022-07-19 17:25:47,275 INFO L899 garLoopResultBuilder]: For program point L745(lines 745 751) no Hoare annotation was computed. [2022-07-19 17:25:47,276 INFO L895 garLoopResultBuilder]: At program point L745-2(lines 739 752) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) [2022-07-19 17:25:47,276 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 816 827) no Hoare annotation was computed. [2022-07-19 17:25:47,276 INFO L902 garLoopResultBuilder]: At program point waterRiseENTRY(lines 816 827) the Hoare annotation is: true [2022-07-19 17:25:47,276 INFO L899 garLoopResultBuilder]: For program point L820-1(lines 816 827) no Hoare annotation was computed. [2022-07-19 17:25:47,276 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__methaneQueryEXIT(lines 561 567) no Hoare annotation was computed. [2022-07-19 17:25:47,276 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__methaneQueryFINAL(lines 561 567) the Hoare annotation is: true [2022-07-19 17:25:47,276 INFO L899 garLoopResultBuilder]: For program point isPumpRunningEXIT(lines 638 646) no Hoare annotation was computed. [2022-07-19 17:25:47,276 INFO L902 garLoopResultBuilder]: At program point isPumpRunningENTRY(lines 638 646) the Hoare annotation is: true [2022-07-19 17:25:47,277 INFO L899 garLoopResultBuilder]: For program point isPumpRunningFINAL(lines 638 646) no Hoare annotation was computed. [2022-07-19 17:25:47,277 INFO L902 garLoopResultBuilder]: At program point isMethaneAlarmENTRY(lines 627 637) the Hoare annotation is: true [2022-07-19 17:25:47,277 INFO L902 garLoopResultBuilder]: At program point L845(lines 840 848) the Hoare annotation is: true [2022-07-19 17:25:47,277 INFO L899 garLoopResultBuilder]: For program point isMethaneAlarmEXIT(lines 627 637) no Hoare annotation was computed. [2022-07-19 17:25:47,277 INFO L899 garLoopResultBuilder]: For program point isMethaneAlarmFINAL(lines 627 637) no Hoare annotation was computed. [2022-07-19 17:25:47,279 INFO L356 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1] [2022-07-19 17:25:47,281 INFO L176 ceAbstractionStarter]: Computing trace abstraction results [2022-07-19 17:25:47,290 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 19.07 05:25:47 BoogieIcfgContainer [2022-07-19 17:25:47,296 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-07-19 17:25:47,296 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-07-19 17:25:47,296 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-07-19 17:25:47,297 INFO L275 PluginConnector]: Witness Printer initialized [2022-07-19 17:25:47,297 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 19.07 05:25:46" (3/4) ... [2022-07-19 17:25:47,299 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-07-19 17:25:47,302 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2022-07-19 17:25:47,303 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-07-19 17:25:47,303 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-07-19 17:25:47,303 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-07-19 17:25:47,303 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-07-19 17:25:47,304 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__methaneQuery [2022-07-19 17:25:47,304 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2022-07-19 17:25:47,304 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneAlarm [2022-07-19 17:25:47,308 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 48 nodes and edges [2022-07-19 17:25:47,310 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 22 nodes and edges [2022-07-19 17:25:47,311 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 11 nodes and edges [2022-07-19 17:25:47,311 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-07-19 17:25:47,311 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 2 nodes and edges [2022-07-19 17:25:47,311 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-07-19 17:25:47,312 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-07-19 17:25:47,328 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (pumpRunning == 0 && 1 == systemActive) && \result == systemActive [2022-07-19 17:25:47,328 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((tmp == systemActive && pumpRunning == 0) && 1 == systemActive) && \result == systemActive [2022-07-19 17:25:47,328 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((tmp == systemActive && pumpRunning == 0) && 1 == systemActive) && \result == systemActive [2022-07-19 17:25:47,330 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || pumpRunning == 0 [2022-07-19 17:25:47,330 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) [2022-07-19 17:25:47,331 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || pumpRunning == 0 [2022-07-19 17:25:47,331 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || (pumpRunning == 0 && !(0 == systemActive)) [2022-07-19 17:25:47,331 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) [2022-07-19 17:25:47,332 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || pumpRunning == 0 [2022-07-19 17:25:47,350 INFO L141 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2022-07-19 17:25:47,350 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-07-19 17:25:47,351 INFO L158 Benchmark]: Toolchain (without parser) took 1978.98ms. Allocated memory was 88.1MB in the beginning and 121.6MB in the end (delta: 33.6MB). Free memory was 64.6MB in the beginning and 48.2MB in the end (delta: 16.4MB). Peak memory consumption was 48.4MB. Max. memory is 16.1GB. [2022-07-19 17:25:47,351 INFO L158 Benchmark]: CDTParser took 0.20ms. Allocated memory is still 88.1MB. Free memory was 63.1MB in the beginning and 63.0MB in the end (delta: 35.1kB). There was no memory consumed. Max. memory is 16.1GB. [2022-07-19 17:25:47,351 INFO L158 Benchmark]: CACSL2BoogieTranslator took 302.43ms. Allocated memory is still 88.1MB. Free memory was 64.3MB in the beginning and 54.8MB in the end (delta: 9.5MB). Peak memory consumption was 9.1MB. Max. memory is 16.1GB. [2022-07-19 17:25:47,351 INFO L158 Benchmark]: Boogie Procedure Inliner took 34.03ms. Allocated memory is still 88.1MB. Free memory was 54.6MB in the beginning and 52.3MB in the end (delta: 2.3MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-07-19 17:25:47,352 INFO L158 Benchmark]: Boogie Preprocessor took 19.81ms. Allocated memory is still 88.1MB. Free memory was 52.3MB in the beginning and 50.8MB in the end (delta: 1.4MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-07-19 17:25:47,352 INFO L158 Benchmark]: RCFGBuilder took 400.16ms. Allocated memory is still 88.1MB. Free memory was 50.8MB in the beginning and 35.2MB in the end (delta: 15.6MB). Peak memory consumption was 14.7MB. Max. memory is 16.1GB. [2022-07-19 17:25:47,353 INFO L158 Benchmark]: TraceAbstraction took 1150.94ms. Allocated memory is still 121.6MB. Free memory was 97.4MB in the beginning and 53.4MB in the end (delta: 44.1MB). Peak memory consumption was 43.2MB. Max. memory is 16.1GB. [2022-07-19 17:25:47,354 INFO L158 Benchmark]: Witness Printer took 54.00ms. Allocated memory is still 121.6MB. Free memory was 53.4MB in the beginning and 48.2MB in the end (delta: 5.2MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2022-07-19 17:25:47,356 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.20ms. Allocated memory is still 88.1MB. Free memory was 63.1MB in the beginning and 63.0MB in the end (delta: 35.1kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 302.43ms. Allocated memory is still 88.1MB. Free memory was 64.3MB in the beginning and 54.8MB in the end (delta: 9.5MB). Peak memory consumption was 9.1MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 34.03ms. Allocated memory is still 88.1MB. Free memory was 54.6MB in the beginning and 52.3MB in the end (delta: 2.3MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 19.81ms. Allocated memory is still 88.1MB. Free memory was 52.3MB in the beginning and 50.8MB in the end (delta: 1.4MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 400.16ms. Allocated memory is still 88.1MB. Free memory was 50.8MB in the beginning and 35.2MB in the end (delta: 15.6MB). Peak memory consumption was 14.7MB. Max. memory is 16.1GB. * TraceAbstraction took 1150.94ms. Allocated memory is still 121.6MB. Free memory was 97.4MB in the beginning and 53.4MB in the end (delta: 44.1MB). Peak memory consumption was 43.2MB. Max. memory is 16.1GB. * Witness Printer took 54.00ms. Allocated memory is still 121.6MB. Free memory was 53.4MB in the beginning and 48.2MB in the end (delta: 5.2MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 886]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 9 procedures, 88 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 1.1s, OverallIterations: 4, TraceHistogramMax: 2, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 0.3s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.3s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 272 SdHoareTripleChecker+Valid, 0.1s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 267 mSDsluCounter, 878 SdHoareTripleChecker+Invalid, 0.1s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 516 mSDsCounter, 36 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 133 IncrementalHoareTripleChecker+Invalid, 169 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 36 mSolverCounterUnsat, 362 mSDtfsCounter, 133 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 38 GetRequests, 24 SyntacticMatches, 0 SemanticMatches, 14 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=172occurred in iteration=3, InterpolantAutomatonStates: 17, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.1s AutomataMinimizationTime, 4 MinimizatonAttempts, 6 StatesRemovedByMinimization, 1 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 40 LocationsWithAnnotation, 247 PreInvPairs, 286 NumberOfFragments, 196 HoareAnnotationTreeSize, 247 FomulaSimplifications, 45 FormulaSimplificationTreeSizeReduction, 0.0s HoareSimplificationTime, 40 FomulaSimplificationsInter, 615 FormulaSimplificationTreeSizeReductionInter, 0.2s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.1s SatisfiabilityAnalysisTime, 0.2s InterpolantComputationTime, 144 NumberOfCodeBlocks, 144 NumberOfCodeBlocksAsserted, 4 NumberOfCheckSat, 140 ConstructedInterpolants, 0 QuantifiedInterpolants, 271 SizeOfPredicates, 0 NumberOfNonLiveVariables, 0 ConjunctsInSsa, 0 ConjunctsInUnsatCore, 4 InterpolantComputations, 4 PerfectInterpolantSequences, 12/12 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 791]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && \result == systemActive - InvariantResult [Line: 118]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 52]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 840]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 709]: Loop Invariant Derived loop invariant: pumpRunning == 0 && splverifierCounter == 0 - InvariantResult [Line: 699]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 900]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || pumpRunning == 0 - InvariantResult [Line: 882]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) - InvariantResult [Line: 892]: Loop Invariant Derived loop invariant: ((tmp == systemActive && pumpRunning == 0) && 1 == systemActive) && \result == systemActive - InvariantResult [Line: 708]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 569]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || (pumpRunning == 0 && !(0 == systemActive)) - InvariantResult [Line: 910]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || pumpRunning == 0 - InvariantResult [Line: 872]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || pumpRunning == 0 - InvariantResult [Line: 109]: Loop Invariant Derived loop invariant: ((tmp == systemActive && pumpRunning == 0) && 1 == systemActive) && \result == systemActive - InvariantResult [Line: 683]: Loop Invariant Derived loop invariant: pumpRunning == 0 && splverifierCounter == 0 - InvariantResult [Line: 777]: Loop Invariant Derived loop invariant: pumpRunning == 0 && 1 == systemActive - InvariantResult [Line: 804]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) - InvariantResult [Line: 62]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 784]: Loop Invariant Derived loop invariant: pumpRunning == 0 && 1 == systemActive - InvariantResult [Line: 132]: Loop Invariant Derived loop invariant: 1 RESULT: Ultimate proved your program to be correct! [2022-07-19 17:25:47,403 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE