./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec4_product20.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version f4b24e32 Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec4_product20.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 5bb0c67d0f3b897df6aba0c402ea453b42e61f1d6e102d991db16c73430a771e --- Real Ultimate output --- This is Ultimate 0.2.2-?-f4b24e3 [2022-07-13 17:59:48,943 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-07-13 17:59:48,944 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-07-13 17:59:48,964 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-07-13 17:59:48,964 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-07-13 17:59:48,965 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-07-13 17:59:48,966 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-07-13 17:59:48,967 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-07-13 17:59:48,972 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-07-13 17:59:48,972 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-07-13 17:59:48,973 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-07-13 17:59:48,976 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-07-13 17:59:48,976 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-07-13 17:59:48,977 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-07-13 17:59:48,978 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-07-13 17:59:48,979 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-07-13 17:59:48,980 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-07-13 17:59:48,983 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-07-13 17:59:48,984 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-07-13 17:59:48,992 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-07-13 17:59:48,995 INFO L181 SettingsManager]: Resetting HornVerifier preferences to default values [2022-07-13 17:59:49,000 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-07-13 17:59:49,003 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-07-13 17:59:49,003 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-07-13 17:59:49,004 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-07-13 17:59:49,007 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-07-13 17:59:49,008 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-07-13 17:59:49,008 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-07-13 17:59:49,009 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-07-13 17:59:49,009 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-07-13 17:59:49,010 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-07-13 17:59:49,011 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-07-13 17:59:49,011 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-07-13 17:59:49,012 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-07-13 17:59:49,013 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-07-13 17:59:49,013 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-07-13 17:59:49,013 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-07-13 17:59:49,014 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-07-13 17:59:49,014 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-07-13 17:59:49,014 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-07-13 17:59:49,015 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-07-13 17:59:49,016 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-07-13 17:59:49,017 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2022-07-13 17:59:49,035 INFO L113 SettingsManager]: Loading preferences was successful [2022-07-13 17:59:49,035 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-07-13 17:59:49,035 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-07-13 17:59:49,035 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-07-13 17:59:49,036 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-07-13 17:59:49,036 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-07-13 17:59:49,037 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-07-13 17:59:49,037 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-07-13 17:59:49,037 INFO L138 SettingsManager]: * Use SBE=true [2022-07-13 17:59:49,037 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-07-13 17:59:49,037 INFO L138 SettingsManager]: * sizeof long=4 [2022-07-13 17:59:49,037 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-07-13 17:59:49,038 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-07-13 17:59:49,038 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-07-13 17:59:49,038 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-07-13 17:59:49,038 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-07-13 17:59:49,038 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-07-13 17:59:49,038 INFO L138 SettingsManager]: * sizeof long double=12 [2022-07-13 17:59:49,038 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-07-13 17:59:49,039 INFO L138 SettingsManager]: * Use constant arrays=true [2022-07-13 17:59:49,039 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-07-13 17:59:49,042 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-07-13 17:59:49,042 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-07-13 17:59:49,042 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-07-13 17:59:49,042 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-07-13 17:59:49,043 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-07-13 17:59:49,043 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-07-13 17:59:49,043 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-07-13 17:59:49,043 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-07-13 17:59:49,044 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-07-13 17:59:49,044 INFO L138 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2022-07-13 17:59:49,044 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-07-13 17:59:49,044 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-07-13 17:59:49,044 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 5bb0c67d0f3b897df6aba0c402ea453b42e61f1d6e102d991db16c73430a771e [2022-07-13 17:59:49,255 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-07-13 17:59:49,278 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-07-13 17:59:49,281 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-07-13 17:59:49,282 INFO L271 PluginConnector]: Initializing CDTParser... [2022-07-13 17:59:49,282 INFO L275 PluginConnector]: CDTParser initialized [2022-07-13 17:59:49,283 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec4_product20.cil.c [2022-07-13 17:59:49,348 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/016b10ec7/3714e3acdcc84174b06b0c160b9adeb2/FLAG686e98aa5 [2022-07-13 17:59:49,720 INFO L306 CDTParser]: Found 1 translation units. [2022-07-13 17:59:49,721 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_product20.cil.c [2022-07-13 17:59:49,730 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/016b10ec7/3714e3acdcc84174b06b0c160b9adeb2/FLAG686e98aa5 [2022-07-13 17:59:49,742 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/016b10ec7/3714e3acdcc84174b06b0c160b9adeb2 [2022-07-13 17:59:49,744 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-07-13 17:59:49,745 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-07-13 17:59:49,746 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-07-13 17:59:49,747 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-07-13 17:59:49,749 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-07-13 17:59:49,749 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 13.07 05:59:49" (1/1) ... [2022-07-13 17:59:49,750 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@51d2fb15 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.07 05:59:49, skipping insertion in model container [2022-07-13 17:59:49,750 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 13.07 05:59:49" (1/1) ... [2022-07-13 17:59:49,754 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-07-13 17:59:49,779 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-07-13 17:59:49,960 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_product20.cil.c[14361,14374] [2022-07-13 17:59:49,983 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-07-13 17:59:49,989 INFO L203 MainTranslator]: Completed pre-run [2022-07-13 17:59:50,045 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_product20.cil.c[14361,14374] [2022-07-13 17:59:50,053 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-07-13 17:59:50,071 INFO L208 MainTranslator]: Completed translation [2022-07-13 17:59:50,071 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.07 05:59:50 WrapperNode [2022-07-13 17:59:50,072 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-07-13 17:59:50,073 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-07-13 17:59:50,073 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-07-13 17:59:50,073 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-07-13 17:59:50,079 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.07 05:59:50" (1/1) ... [2022-07-13 17:59:50,099 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.07 05:59:50" (1/1) ... [2022-07-13 17:59:50,137 INFO L137 Inliner]: procedures = 54, calls = 152, calls flagged for inlining = 22, calls inlined = 18, statements flattened = 225 [2022-07-13 17:59:50,137 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-07-13 17:59:50,138 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-07-13 17:59:50,139 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-07-13 17:59:50,139 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-07-13 17:59:50,146 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.07 05:59:50" (1/1) ... [2022-07-13 17:59:50,147 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.07 05:59:50" (1/1) ... [2022-07-13 17:59:50,159 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.07 05:59:50" (1/1) ... [2022-07-13 17:59:50,159 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.07 05:59:50" (1/1) ... [2022-07-13 17:59:50,171 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.07 05:59:50" (1/1) ... [2022-07-13 17:59:50,175 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.07 05:59:50" (1/1) ... [2022-07-13 17:59:50,176 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.07 05:59:50" (1/1) ... [2022-07-13 17:59:50,178 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-07-13 17:59:50,179 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-07-13 17:59:50,179 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-07-13 17:59:50,179 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-07-13 17:59:50,180 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.07 05:59:50" (1/1) ... [2022-07-13 17:59:50,188 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-07-13 17:59:50,200 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-07-13 17:59:50,209 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-07-13 17:59:50,211 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-07-13 17:59:50,233 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-07-13 17:59:50,233 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-07-13 17:59:50,234 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-07-13 17:59:50,234 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-07-13 17:59:50,234 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-07-13 17:59:50,234 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-07-13 17:59:50,234 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-07-13 17:59:50,234 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-07-13 17:59:50,234 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-07-13 17:59:50,234 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2022-07-13 17:59:50,235 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2022-07-13 17:59:50,235 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-07-13 17:59:50,235 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-07-13 17:59:50,235 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-07-13 17:59:50,235 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-07-13 17:59:50,235 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-07-13 17:59:50,309 INFO L234 CfgBuilder]: Building ICFG [2022-07-13 17:59:50,311 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-07-13 17:59:50,550 INFO L275 CfgBuilder]: Performing block encoding [2022-07-13 17:59:50,555 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-07-13 17:59:50,555 INFO L299 CfgBuilder]: Removed 2 assume(true) statements. [2022-07-13 17:59:50,556 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 13.07 05:59:50 BoogieIcfgContainer [2022-07-13 17:59:50,557 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-07-13 17:59:50,558 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-07-13 17:59:50,558 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-07-13 17:59:50,566 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-07-13 17:59:50,567 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 13.07 05:59:49" (1/3) ... [2022-07-13 17:59:50,567 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@1f72f9b and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 13.07 05:59:50, skipping insertion in model container [2022-07-13 17:59:50,567 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.07 05:59:50" (2/3) ... [2022-07-13 17:59:50,568 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@1f72f9b and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 13.07 05:59:50, skipping insertion in model container [2022-07-13 17:59:50,568 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 13.07 05:59:50" (3/3) ... [2022-07-13 17:59:50,569 INFO L111 eAbstractionObserver]: Analyzing ICFG minepump_spec4_product20.cil.c [2022-07-13 17:59:50,579 INFO L201 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-07-13 17:59:50,579 INFO L160 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-07-13 17:59:50,636 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-07-13 17:59:50,643 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=de.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings@127421e6, mLbeIndependenceSettings=de.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings@6652043d [2022-07-13 17:59:50,643 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-07-13 17:59:50,652 INFO L276 IsEmpty]: Start isEmpty. Operand has 77 states, 59 states have (on average 1.3898305084745763) internal successors, (82), 66 states have internal predecessors, (82), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 8 states have call predecessors, (10), 10 states have call successors, (10) [2022-07-13 17:59:50,660 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 20 [2022-07-13 17:59:50,660 INFO L187 NwaCegarLoop]: Found error trace [2022-07-13 17:59:50,661 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-13 17:59:50,662 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-13 17:59:50,666 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-13 17:59:50,667 INFO L85 PathProgramCache]: Analyzing trace with hash -1506660750, now seen corresponding path program 1 times [2022-07-13 17:59:50,678 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-13 17:59:50,678 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1885145779] [2022-07-13 17:59:50,678 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-13 17:59:50,679 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-13 17:59:50,795 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-13 17:59:50,855 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-13 17:59:50,856 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-13 17:59:50,856 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1885145779] [2022-07-13 17:59:50,857 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1885145779] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-13 17:59:50,857 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-13 17:59:50,857 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-07-13 17:59:50,859 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [602626383] [2022-07-13 17:59:50,859 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-13 17:59:50,863 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-07-13 17:59:50,864 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-13 17:59:50,890 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-07-13 17:59:50,891 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-07-13 17:59:50,893 INFO L87 Difference]: Start difference. First operand has 77 states, 59 states have (on average 1.3898305084745763) internal successors, (82), 66 states have internal predecessors, (82), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 8 states have call predecessors, (10), 10 states have call successors, (10) Second operand has 2 states, 2 states have (on average 8.5) internal successors, (17), 2 states have internal predecessors, (17), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-13 17:59:50,924 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-13 17:59:50,924 INFO L93 Difference]: Finished difference Result 146 states and 199 transitions. [2022-07-13 17:59:50,925 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-07-13 17:59:50,926 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 8.5) internal successors, (17), 2 states have internal predecessors, (17), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 19 [2022-07-13 17:59:50,926 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-13 17:59:50,939 INFO L225 Difference]: With dead ends: 146 [2022-07-13 17:59:50,939 INFO L226 Difference]: Without dead ends: 68 [2022-07-13 17:59:50,943 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-07-13 17:59:50,946 INFO L413 NwaCegarLoop]: 96 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 96 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-13 17:59:50,946 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 96 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-13 17:59:50,959 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 68 states. [2022-07-13 17:59:50,993 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 68 to 68. [2022-07-13 17:59:50,994 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 68 states, 52 states have (on average 1.3076923076923077) internal successors, (68), 58 states have internal predecessors, (68), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2022-07-13 17:59:51,000 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 68 states to 68 states and 87 transitions. [2022-07-13 17:59:51,002 INFO L78 Accepts]: Start accepts. Automaton has 68 states and 87 transitions. Word has length 19 [2022-07-13 17:59:51,002 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-13 17:59:51,002 INFO L495 AbstractCegarLoop]: Abstraction has 68 states and 87 transitions. [2022-07-13 17:59:51,003 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 8.5) internal successors, (17), 2 states have internal predecessors, (17), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-13 17:59:51,003 INFO L276 IsEmpty]: Start isEmpty. Operand 68 states and 87 transitions. [2022-07-13 17:59:51,005 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 21 [2022-07-13 17:59:51,005 INFO L187 NwaCegarLoop]: Found error trace [2022-07-13 17:59:51,005 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-13 17:59:51,006 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-07-13 17:59:51,006 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-13 17:59:51,006 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-13 17:59:51,007 INFO L85 PathProgramCache]: Analyzing trace with hash 1702349577, now seen corresponding path program 1 times [2022-07-13 17:59:51,007 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-13 17:59:51,007 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1723635241] [2022-07-13 17:59:51,007 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-13 17:59:51,008 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-13 17:59:51,039 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-13 17:59:51,068 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-13 17:59:51,069 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-13 17:59:51,069 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1723635241] [2022-07-13 17:59:51,069 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1723635241] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-13 17:59:51,070 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-13 17:59:51,070 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-07-13 17:59:51,070 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1594603681] [2022-07-13 17:59:51,070 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-13 17:59:51,071 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-07-13 17:59:51,071 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-13 17:59:51,073 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-07-13 17:59:51,073 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-13 17:59:51,073 INFO L87 Difference]: Start difference. First operand 68 states and 87 transitions. Second operand has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-13 17:59:51,087 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-13 17:59:51,088 INFO L93 Difference]: Finished difference Result 97 states and 123 transitions. [2022-07-13 17:59:51,089 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-07-13 17:59:51,089 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 20 [2022-07-13 17:59:51,090 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-13 17:59:51,092 INFO L225 Difference]: With dead ends: 97 [2022-07-13 17:59:51,092 INFO L226 Difference]: Without dead ends: 59 [2022-07-13 17:59:51,093 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-13 17:59:51,094 INFO L413 NwaCegarLoop]: 74 mSDtfsCounter, 17 mSDsluCounter, 52 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 21 SdHoareTripleChecker+Valid, 126 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-13 17:59:51,096 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [21 Valid, 126 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-13 17:59:51,097 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 59 states. [2022-07-13 17:59:51,102 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 59 to 59. [2022-07-13 17:59:51,103 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 59 states, 46 states have (on average 1.326086956521739) internal successors, (61), 52 states have internal predecessors, (61), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 5 states have call predecessors, (7), 7 states have call successors, (7) [2022-07-13 17:59:51,104 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 59 states to 59 states and 75 transitions. [2022-07-13 17:59:51,104 INFO L78 Accepts]: Start accepts. Automaton has 59 states and 75 transitions. Word has length 20 [2022-07-13 17:59:51,104 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-13 17:59:51,104 INFO L495 AbstractCegarLoop]: Abstraction has 59 states and 75 transitions. [2022-07-13 17:59:51,104 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-13 17:59:51,105 INFO L276 IsEmpty]: Start isEmpty. Operand 59 states and 75 transitions. [2022-07-13 17:59:51,105 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2022-07-13 17:59:51,105 INFO L187 NwaCegarLoop]: Found error trace [2022-07-13 17:59:51,105 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-13 17:59:51,105 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-07-13 17:59:51,106 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-13 17:59:51,106 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-13 17:59:51,106 INFO L85 PathProgramCache]: Analyzing trace with hash -992613126, now seen corresponding path program 1 times [2022-07-13 17:59:51,106 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-13 17:59:51,106 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1663508626] [2022-07-13 17:59:51,106 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-13 17:59:51,106 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-13 17:59:51,126 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-13 17:59:51,180 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-13 17:59:51,181 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-13 17:59:51,181 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1663508626] [2022-07-13 17:59:51,181 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1663508626] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-13 17:59:51,181 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-13 17:59:51,182 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-07-13 17:59:51,182 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1795350361] [2022-07-13 17:59:51,187 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-13 17:59:51,187 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-07-13 17:59:51,188 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-13 17:59:51,188 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-07-13 17:59:51,189 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2022-07-13 17:59:51,189 INFO L87 Difference]: Start difference. First operand 59 states and 75 transitions. Second operand has 6 states, 6 states have (on average 4.0) internal successors, (24), 5 states have internal predecessors, (24), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-13 17:59:51,433 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-13 17:59:51,433 INFO L93 Difference]: Finished difference Result 215 states and 287 transitions. [2022-07-13 17:59:51,434 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-07-13 17:59:51,434 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.0) internal successors, (24), 5 states have internal predecessors, (24), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 25 [2022-07-13 17:59:51,434 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-13 17:59:51,436 INFO L225 Difference]: With dead ends: 215 [2022-07-13 17:59:51,436 INFO L226 Difference]: Without dead ends: 163 [2022-07-13 17:59:51,437 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 1 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=22, Invalid=34, Unknown=0, NotChecked=0, Total=56 [2022-07-13 17:59:51,437 INFO L413 NwaCegarLoop]: 94 mSDtfsCounter, 176 mSDsluCounter, 326 mSDsCounter, 0 mSdLazyCounter, 87 mSolverCounterSat, 18 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 176 SdHoareTripleChecker+Valid, 420 SdHoareTripleChecker+Invalid, 105 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 18 IncrementalHoareTripleChecker+Valid, 87 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-07-13 17:59:51,438 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [176 Valid, 420 Invalid, 105 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [18 Valid, 87 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-07-13 17:59:51,438 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 163 states. [2022-07-13 17:59:51,455 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 163 to 141. [2022-07-13 17:59:51,456 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 141 states, 108 states have (on average 1.3703703703703705) internal successors, (148), 122 states have internal predecessors, (148), 18 states have call successors, (18), 14 states have call predecessors, (18), 14 states have return successors, (19), 12 states have call predecessors, (19), 18 states have call successors, (19) [2022-07-13 17:59:51,457 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 141 states to 141 states and 185 transitions. [2022-07-13 17:59:51,457 INFO L78 Accepts]: Start accepts. Automaton has 141 states and 185 transitions. Word has length 25 [2022-07-13 17:59:51,457 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-13 17:59:51,457 INFO L495 AbstractCegarLoop]: Abstraction has 141 states and 185 transitions. [2022-07-13 17:59:51,457 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 4.0) internal successors, (24), 5 states have internal predecessors, (24), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-13 17:59:51,458 INFO L276 IsEmpty]: Start isEmpty. Operand 141 states and 185 transitions. [2022-07-13 17:59:51,458 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 29 [2022-07-13 17:59:51,458 INFO L187 NwaCegarLoop]: Found error trace [2022-07-13 17:59:51,458 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-13 17:59:51,459 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-07-13 17:59:51,459 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-13 17:59:51,466 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-13 17:59:51,466 INFO L85 PathProgramCache]: Analyzing trace with hash -2068590127, now seen corresponding path program 1 times [2022-07-13 17:59:51,467 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-13 17:59:51,467 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1504831633] [2022-07-13 17:59:51,467 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-13 17:59:51,467 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-13 17:59:51,480 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-13 17:59:51,556 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-13 17:59:51,556 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-13 17:59:51,556 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1504831633] [2022-07-13 17:59:51,556 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1504831633] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-13 17:59:51,556 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-13 17:59:51,556 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2022-07-13 17:59:51,556 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [636434098] [2022-07-13 17:59:51,557 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-13 17:59:51,557 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-07-13 17:59:51,557 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-13 17:59:51,557 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-07-13 17:59:51,557 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=14, Invalid=42, Unknown=0, NotChecked=0, Total=56 [2022-07-13 17:59:51,557 INFO L87 Difference]: Start difference. First operand 141 states and 185 transitions. Second operand has 8 states, 8 states have (on average 3.375) internal successors, (27), 7 states have internal predecessors, (27), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-13 17:59:51,751 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-13 17:59:51,752 INFO L93 Difference]: Finished difference Result 527 states and 736 transitions. [2022-07-13 17:59:51,752 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2022-07-13 17:59:51,752 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 3.375) internal successors, (27), 7 states have internal predecessors, (27), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 28 [2022-07-13 17:59:51,753 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-13 17:59:51,762 INFO L225 Difference]: With dead ends: 527 [2022-07-13 17:59:51,762 INFO L226 Difference]: Without dead ends: 393 [2022-07-13 17:59:51,765 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 14 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 15 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=51, Invalid=131, Unknown=0, NotChecked=0, Total=182 [2022-07-13 17:59:51,767 INFO L413 NwaCegarLoop]: 80 mSDtfsCounter, 188 mSDsluCounter, 388 mSDsCounter, 0 mSdLazyCounter, 126 mSolverCounterSat, 30 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 188 SdHoareTripleChecker+Valid, 468 SdHoareTripleChecker+Invalid, 156 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 30 IncrementalHoareTripleChecker+Valid, 126 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-07-13 17:59:51,769 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [188 Valid, 468 Invalid, 156 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [30 Valid, 126 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-07-13 17:59:51,772 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 393 states. [2022-07-13 17:59:51,799 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 393 to 378. [2022-07-13 17:59:51,800 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 378 states, 287 states have (on average 1.3449477351916377) internal successors, (386), 324 states have internal predecessors, (386), 51 states have call successors, (51), 39 states have call predecessors, (51), 39 states have return successors, (65), 33 states have call predecessors, (65), 51 states have call successors, (65) [2022-07-13 17:59:51,801 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 378 states to 378 states and 502 transitions. [2022-07-13 17:59:51,802 INFO L78 Accepts]: Start accepts. Automaton has 378 states and 502 transitions. Word has length 28 [2022-07-13 17:59:51,802 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-13 17:59:51,802 INFO L495 AbstractCegarLoop]: Abstraction has 378 states and 502 transitions. [2022-07-13 17:59:51,802 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 3.375) internal successors, (27), 7 states have internal predecessors, (27), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-13 17:59:51,802 INFO L276 IsEmpty]: Start isEmpty. Operand 378 states and 502 transitions. [2022-07-13 17:59:51,804 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2022-07-13 17:59:51,804 INFO L187 NwaCegarLoop]: Found error trace [2022-07-13 17:59:51,804 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-13 17:59:51,804 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-07-13 17:59:51,804 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-13 17:59:51,806 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-13 17:59:51,806 INFO L85 PathProgramCache]: Analyzing trace with hash -1789142954, now seen corresponding path program 1 times [2022-07-13 17:59:51,806 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-13 17:59:51,807 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [677755765] [2022-07-13 17:59:51,807 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-13 17:59:51,807 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-13 17:59:51,818 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-13 17:59:51,851 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-13 17:59:51,852 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-13 17:59:51,852 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [677755765] [2022-07-13 17:59:51,852 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [677755765] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-13 17:59:51,852 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-13 17:59:51,852 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-07-13 17:59:51,853 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1913255471] [2022-07-13 17:59:51,853 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-13 17:59:51,854 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-07-13 17:59:51,854 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-13 17:59:51,854 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-07-13 17:59:51,855 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-13 17:59:51,855 INFO L87 Difference]: Start difference. First operand 378 states and 502 transitions. Second operand has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 2 states have internal predecessors, (29), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-13 17:59:51,874 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-13 17:59:51,874 INFO L93 Difference]: Finished difference Result 656 states and 885 transitions. [2022-07-13 17:59:51,875 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-07-13 17:59:51,875 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 2 states have internal predecessors, (29), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 30 [2022-07-13 17:59:51,876 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-13 17:59:51,877 INFO L225 Difference]: With dead ends: 656 [2022-07-13 17:59:51,879 INFO L226 Difference]: Without dead ends: 285 [2022-07-13 17:59:51,881 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-13 17:59:51,885 INFO L413 NwaCegarLoop]: 50 mSDtfsCounter, 34 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 34 SdHoareTripleChecker+Valid, 50 SdHoareTripleChecker+Invalid, 6 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-13 17:59:51,886 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [34 Valid, 50 Invalid, 6 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-13 17:59:51,887 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 285 states. [2022-07-13 17:59:51,907 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 285 to 279. [2022-07-13 17:59:51,908 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 279 states, 218 states have (on average 1.261467889908257) internal successors, (275), 234 states have internal predecessors, (275), 30 states have call successors, (30), 30 states have call predecessors, (30), 30 states have return successors, (36), 30 states have call predecessors, (36), 30 states have call successors, (36) [2022-07-13 17:59:51,909 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 279 states to 279 states and 341 transitions. [2022-07-13 17:59:51,909 INFO L78 Accepts]: Start accepts. Automaton has 279 states and 341 transitions. Word has length 30 [2022-07-13 17:59:51,909 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-13 17:59:51,909 INFO L495 AbstractCegarLoop]: Abstraction has 279 states and 341 transitions. [2022-07-13 17:59:51,909 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 2 states have internal predecessors, (29), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-13 17:59:51,910 INFO L276 IsEmpty]: Start isEmpty. Operand 279 states and 341 transitions. [2022-07-13 17:59:51,911 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 55 [2022-07-13 17:59:51,914 INFO L187 NwaCegarLoop]: Found error trace [2022-07-13 17:59:51,914 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-13 17:59:51,914 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-07-13 17:59:51,914 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-13 17:59:51,915 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-13 17:59:51,915 INFO L85 PathProgramCache]: Analyzing trace with hash 1403719521, now seen corresponding path program 1 times [2022-07-13 17:59:51,915 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-13 17:59:51,915 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [44168792] [2022-07-13 17:59:51,915 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-13 17:59:51,916 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-13 17:59:51,936 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-13 17:59:51,968 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2022-07-13 17:59:51,970 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-13 17:59:51,980 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2022-07-13 17:59:51,982 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-13 17:59:51,996 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 36 [2022-07-13 17:59:51,998 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-13 17:59:52,013 INFO L134 CoverageAnalysis]: Checked inductivity of 19 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 18 trivial. 0 not checked. [2022-07-13 17:59:52,013 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-13 17:59:52,013 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [44168792] [2022-07-13 17:59:52,013 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [44168792] provided 0 perfect and 1 imperfect interpolant sequences [2022-07-13 17:59:52,013 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1268551473] [2022-07-13 17:59:52,014 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-13 17:59:52,014 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-07-13 17:59:52,014 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-07-13 17:59:52,015 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-07-13 17:59:52,016 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-07-13 17:59:52,102 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-13 17:59:52,105 INFO L263 TraceCheckSpWp]: Trace formula consists of 370 conjuncts, 9 conjunts are in the unsatisfiable core [2022-07-13 17:59:52,115 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-07-13 17:59:52,271 INFO L134 CoverageAnalysis]: Checked inductivity of 19 backedges. 16 proven. 2 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-07-13 17:59:52,271 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-07-13 17:59:52,459 INFO L134 CoverageAnalysis]: Checked inductivity of 19 backedges. 16 proven. 3 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-13 17:59:52,460 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1268551473] provided 0 perfect and 2 imperfect interpolant sequences [2022-07-13 17:59:52,460 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-07-13 17:59:52,460 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [7, 6, 7] total 15 [2022-07-13 17:59:52,460 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1468993032] [2022-07-13 17:59:52,460 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-07-13 17:59:52,461 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2022-07-13 17:59:52,461 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-13 17:59:52,461 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2022-07-13 17:59:52,461 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=48, Invalid=162, Unknown=0, NotChecked=0, Total=210 [2022-07-13 17:59:52,462 INFO L87 Difference]: Start difference. First operand 279 states and 341 transitions. Second operand has 15 states, 15 states have (on average 6.0) internal successors, (90), 12 states have internal predecessors, (90), 4 states have call successors, (10), 7 states have call predecessors, (10), 7 states have return successors, (7), 3 states have call predecessors, (7), 3 states have call successors, (7) [2022-07-13 17:59:52,632 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-13 17:59:52,632 INFO L93 Difference]: Finished difference Result 377 states and 459 transitions. [2022-07-13 17:59:52,632 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-07-13 17:59:52,633 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 15 states have (on average 6.0) internal successors, (90), 12 states have internal predecessors, (90), 4 states have call successors, (10), 7 states have call predecessors, (10), 7 states have return successors, (7), 3 states have call predecessors, (7), 3 states have call successors, (7) Word has length 54 [2022-07-13 17:59:52,633 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-13 17:59:52,633 INFO L225 Difference]: With dead ends: 377 [2022-07-13 17:59:52,633 INFO L226 Difference]: Without dead ends: 0 [2022-07-13 17:59:52,634 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 124 GetRequests, 105 SyntacticMatches, 1 SemanticMatches, 18 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 45 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=99, Invalid=281, Unknown=0, NotChecked=0, Total=380 [2022-07-13 17:59:52,634 INFO L413 NwaCegarLoop]: 71 mSDtfsCounter, 130 mSDsluCounter, 348 mSDsCounter, 0 mSdLazyCounter, 187 mSolverCounterSat, 49 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 130 SdHoareTripleChecker+Valid, 419 SdHoareTripleChecker+Invalid, 236 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 49 IncrementalHoareTripleChecker+Valid, 187 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-07-13 17:59:52,635 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [130 Valid, 419 Invalid, 236 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [49 Valid, 187 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-07-13 17:59:52,635 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-07-13 17:59:52,635 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-07-13 17:59:52,635 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-13 17:59:52,636 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-07-13 17:59:52,636 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 54 [2022-07-13 17:59:52,636 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-13 17:59:52,636 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-07-13 17:59:52,636 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 15 states have (on average 6.0) internal successors, (90), 12 states have internal predecessors, (90), 4 states have call successors, (10), 7 states have call predecessors, (10), 7 states have return successors, (7), 3 states have call predecessors, (7), 3 states have call successors, (7) [2022-07-13 17:59:52,636 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-07-13 17:59:52,636 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-07-13 17:59:52,638 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-07-13 17:59:52,658 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-07-13 17:59:52,853 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable5 [2022-07-13 17:59:52,855 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-07-13 17:59:53,660 INFO L902 garLoopResultBuilder]: At program point deactivatePumpENTRY(lines 757 764) the Hoare annotation is: true [2022-07-13 17:59:53,660 INFO L899 garLoopResultBuilder]: For program point deactivatePumpEXIT(lines 757 764) no Hoare annotation was computed. [2022-07-13 17:59:53,661 INFO L899 garLoopResultBuilder]: For program point deactivatePumpFINAL(lines 757 764) no Hoare annotation was computed. [2022-07-13 17:59:53,661 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 716 722) no Hoare annotation was computed. [2022-07-13 17:59:53,661 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 716 722) the Hoare annotation is: true [2022-07-13 17:59:53,661 INFO L899 garLoopResultBuilder]: For program point L125-1(lines 121 132) no Hoare annotation was computed. [2022-07-13 17:59:53,661 INFO L902 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 121 132) the Hoare annotation is: true [2022-07-13 17:59:53,661 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 121 132) no Hoare annotation was computed. [2022-07-13 17:59:53,661 INFO L899 garLoopResultBuilder]: For program point L671(lines 671 677) no Hoare annotation was computed. [2022-07-13 17:59:53,664 INFO L899 garLoopResultBuilder]: For program point L667(lines 667 680) no Hoare annotation was computed. [2022-07-13 17:59:53,665 INFO L895 garLoopResultBuilder]: At program point L667-1(lines 659 683) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (not (= |timeShift___utac_acc__Specification4_spec__1_~tmp~4#1| 0))) (.cse3 (not (= |timeShift_getWaterLevel_#res#1| 0)))) (and (or .cse0 (not (= |old(~waterLevel~0)| 1)) (and .cse1 .cse2 .cse3 (= ~waterLevel~0 1))) (or .cse0 (and .cse1 .cse2 .cse3 (= |old(~waterLevel~0)| ~waterLevel~0)) (not (<= 2 |old(~waterLevel~0)|))))) [2022-07-13 17:59:53,665 INFO L899 garLoopResultBuilder]: For program point L696-1(lines 695 714) no Hoare annotation was computed. [2022-07-13 17:59:53,666 INFO L899 garLoopResultBuilder]: For program point timeShiftFINAL(lines 692 715) no Hoare annotation was computed. [2022-07-13 17:59:53,668 INFO L895 garLoopResultBuilder]: At program point L738(line 738) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|))) [2022-07-13 17:59:53,668 INFO L895 garLoopResultBuilder]: At program point L734(line 734) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|))) [2022-07-13 17:59:53,668 INFO L895 garLoopResultBuilder]: At program point L743(line 743) the Hoare annotation is: (let ((.cse2 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (not (= 0 ~systemActive~0)))) (and (or (and .cse0 (= ~waterLevel~0 1) .cse1) .cse2 (not (= |old(~waterLevel~0)| 1))) (or .cse2 (and .cse0 (= |old(~waterLevel~0)| ~waterLevel~0) .cse1) (not (<= 2 |old(~waterLevel~0)|))))) [2022-07-13 17:59:53,669 INFO L895 garLoopResultBuilder]: At program point L743-1(lines 724 748) the Hoare annotation is: (let ((.cse2 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (not (= 0 ~systemActive~0)))) (and (or (and .cse0 (= ~waterLevel~0 1) .cse1) .cse2 (not (= |old(~waterLevel~0)| 1))) (or .cse2 (and .cse0 (= |old(~waterLevel~0)| ~waterLevel~0) .cse1) (not (<= 2 |old(~waterLevel~0)|))))) [2022-07-13 17:59:53,669 INFO L899 garLoopResultBuilder]: For program point L830(lines 830 834) no Hoare annotation was computed. [2022-07-13 17:59:53,669 INFO L899 garLoopResultBuilder]: For program point L830-2(lines 830 834) no Hoare annotation was computed. [2022-07-13 17:59:53,669 INFO L895 garLoopResultBuilder]: At program point L781(lines 776 784) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|))) [2022-07-13 17:59:53,669 INFO L899 garLoopResultBuilder]: For program point L653(line 653) no Hoare annotation was computed. [2022-07-13 17:59:53,669 INFO L895 garLoopResultBuilder]: At program point L170(lines 165 173) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (not (= |timeShift_getWaterLevel_#res#1| 0)))) (and (or .cse0 (and .cse1 .cse2 (= |old(~waterLevel~0)| ~waterLevel~0)) (not (<= 2 |old(~waterLevel~0)|))) (or .cse0 (not (= |old(~waterLevel~0)| 1)) (and .cse1 .cse2 (= ~waterLevel~0 1))))) [2022-07-13 17:59:53,669 INFO L899 garLoopResultBuilder]: For program point L703-1(lines 703 709) no Hoare annotation was computed. [2022-07-13 17:59:53,669 INFO L899 garLoopResultBuilder]: For program point L732(lines 732 740) no Hoare annotation was computed. [2022-07-13 17:59:53,669 INFO L899 garLoopResultBuilder]: For program point L728(lines 728 745) no Hoare annotation was computed. [2022-07-13 17:59:53,669 INFO L895 garLoopResultBuilder]: At program point L179(lines 174 182) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|))) [2022-07-13 17:59:53,669 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 692 715) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0))) (and (or .cse0 (not (= |old(~waterLevel~0)| 1)) (and .cse1 (= ~waterLevel~0 1))) (or .cse0 (and .cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) (not (<= 2 |old(~waterLevel~0)|))))) [2022-07-13 17:59:53,670 INFO L895 garLoopResultBuilder]: At program point L654(lines 649 656) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|))) [2022-07-13 17:59:53,670 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 692 715) no Hoare annotation was computed. [2022-07-13 17:59:53,670 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 653) no Hoare annotation was computed. [2022-07-13 17:59:53,670 INFO L899 garLoopResultBuilder]: For program point L101(lines 101 105) no Hoare annotation was computed. [2022-07-13 17:59:53,670 INFO L895 garLoopResultBuilder]: At program point L836(lines 821 839) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|))) [2022-07-13 17:59:53,670 INFO L895 garLoopResultBuilder]: At program point L101-2(lines 97 108) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|))) [2022-07-13 17:59:53,670 INFO L902 garLoopResultBuilder]: At program point L192(line 192) the Hoare annotation is: true [2022-07-13 17:59:53,670 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 186 215) no Hoare annotation was computed. [2022-07-13 17:59:53,670 INFO L899 garLoopResultBuilder]: For program point L192-1(line 192) no Hoare annotation was computed. [2022-07-13 17:59:53,670 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 186 215) the Hoare annotation is: true [2022-07-13 17:59:53,670 INFO L902 garLoopResultBuilder]: At program point L211(lines 186 215) the Hoare annotation is: true [2022-07-13 17:59:53,670 INFO L899 garLoopResultBuilder]: For program point L207(line 207) no Hoare annotation was computed. [2022-07-13 17:59:53,670 INFO L899 garLoopResultBuilder]: For program point L200(lines 200 204) no Hoare annotation was computed. [2022-07-13 17:59:53,671 INFO L902 garLoopResultBuilder]: At program point L200-1(lines 200 204) the Hoare annotation is: true [2022-07-13 17:59:53,671 INFO L899 garLoopResultBuilder]: For program point L197(line 197) no Hoare annotation was computed. [2022-07-13 17:59:53,671 INFO L902 garLoopResultBuilder]: At program point L196-2(lines 196 210) the Hoare annotation is: true [2022-07-13 17:59:53,671 INFO L902 garLoopResultBuilder]: At program point L927(lines 864 931) the Hoare annotation is: true [2022-07-13 17:59:53,671 INFO L899 garLoopResultBuilder]: For program point L894(lines 894 900) no Hoare annotation was computed. [2022-07-13 17:59:53,671 INFO L899 garLoopResultBuilder]: For program point L894-1(lines 894 900) no Hoare annotation was computed. [2022-07-13 17:59:53,671 INFO L895 garLoopResultBuilder]: At program point L886(line 886) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and (= ~waterLevel~0 |ULTIMATE.start_main_~tmp~0#1|) .cse0 (= |ULTIMATE.start_valid_product_#res#1| ~waterLevel~0) .cse1 (= ~waterLevel~0 1)) (and .cse0 (<= 2 ~waterLevel~0) .cse1))) [2022-07-13 17:59:53,671 INFO L899 garLoopResultBuilder]: For program point L-1(line -1) no Hoare annotation was computed. [2022-07-13 17:59:53,671 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startENTRY(line -1) no Hoare annotation was computed. [2022-07-13 17:59:53,671 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startFINAL(line -1) no Hoare annotation was computed. [2022-07-13 17:59:53,671 INFO L895 garLoopResultBuilder]: At program point L924(lines 873 925) the Hoare annotation is: false [2022-07-13 17:59:53,671 INFO L899 garLoopResultBuilder]: For program point L912(lines 912 918) no Hoare annotation was computed. [2022-07-13 17:59:53,671 INFO L895 garLoopResultBuilder]: At program point L846(line 846) the Hoare annotation is: false [2022-07-13 17:59:53,671 INFO L895 garLoopResultBuilder]: At program point L912-2(lines 904 919) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and (= ~waterLevel~0 |ULTIMATE.start_main_~tmp~0#1|) .cse0 (= |ULTIMATE.start_valid_product_#res#1| ~waterLevel~0) .cse1 (= ~waterLevel~0 1)) (and .cse0 (<= 2 ~waterLevel~0) .cse1))) [2022-07-13 17:59:53,672 INFO L899 garLoopResultBuilder]: For program point L875(lines 874 923) no Hoare annotation was computed. [2022-07-13 17:59:53,672 INFO L899 garLoopResultBuilder]: For program point L904(lines 904 919) no Hoare annotation was computed. [2022-07-13 17:59:53,672 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-07-13 17:59:53,672 INFO L895 garLoopResultBuilder]: At program point L896(line 896) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and (= ~waterLevel~0 |ULTIMATE.start_main_~tmp~0#1|) .cse0 (= |ULTIMATE.start_valid_product_#res#1| ~waterLevel~0) .cse1 (= ~waterLevel~0 1)) (and .cse0 (<= 2 ~waterLevel~0) .cse1))) [2022-07-13 17:59:53,672 INFO L902 garLoopResultBuilder]: At program point L256(lines 249 258) the Hoare annotation is: true [2022-07-13 17:59:53,672 INFO L895 garLoopResultBuilder]: At program point L921(lines 874 923) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and (= ~waterLevel~0 |ULTIMATE.start_main_~tmp~0#1|) .cse0 (= |ULTIMATE.start_valid_product_#res#1| ~waterLevel~0) .cse1 (= ~waterLevel~0 1)) (and .cse0 (<= 2 ~waterLevel~0) .cse1))) [2022-07-13 17:59:53,672 INFO L899 garLoopResultBuilder]: For program point L884(lines 884 890) no Hoare annotation was computed. [2022-07-13 17:59:53,672 INFO L895 garLoopResultBuilder]: At program point L83(lines 78 86) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-13 17:59:53,672 INFO L899 garLoopResultBuilder]: For program point L884-1(lines 884 890) no Hoare annotation was computed. [2022-07-13 17:59:53,672 INFO L899 garLoopResultBuilder]: For program point L269(lines 269 276) no Hoare annotation was computed. [2022-07-13 17:59:53,672 INFO L899 garLoopResultBuilder]: For program point L876(lines 876 880) no Hoare annotation was computed. [2022-07-13 17:59:53,672 INFO L895 garLoopResultBuilder]: At program point L75(lines 71 77) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-13 17:59:53,672 INFO L899 garLoopResultBuilder]: For program point L269-2(lines 269 276) no Hoare annotation was computed. [2022-07-13 17:59:53,673 INFO L895 garLoopResultBuilder]: At program point L860(lines 855 862) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 (<= 2 ~waterLevel~0) .cse1 .cse2) (and (= ~waterLevel~0 |ULTIMATE.start_main_~tmp~0#1|) .cse0 (= |ULTIMATE.start_valid_product_#res#1| ~waterLevel~0) .cse1 .cse2 (= ~waterLevel~0 1)))) [2022-07-13 17:59:53,673 INFO L902 garLoopResultBuilder]: At program point L278(lines 259 281) the Hoare annotation is: true [2022-07-13 17:59:53,673 INFO L895 garLoopResultBuilder]: At program point L245(lines 241 247) the Hoare annotation is: (and (= |ULTIMATE.start_main_~tmp~0#1| ~systemActive~0) (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-13 17:59:53,673 INFO L895 garLoopResultBuilder]: At program point L852(lines 840 854) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and (= ~waterLevel~0 |ULTIMATE.start_main_~tmp~0#1|) .cse0 (= |ULTIMATE.start_valid_product_#res#1| ~waterLevel~0) .cse1 (= ~waterLevel~0 1)) (and .cse0 (<= 2 ~waterLevel~0) .cse1))) [2022-07-13 17:59:53,673 INFO L899 garLoopResultBuilder]: For program point L844(lines 844 850) no Hoare annotation was computed. [2022-07-13 17:59:53,673 INFO L899 garLoopResultBuilder]: For program point L844-1(lines 844 850) no Hoare annotation was computed. [2022-07-13 17:59:53,673 INFO L895 garLoopResultBuilder]: At program point L68(lines 64 70) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-13 17:59:53,673 INFO L899 garLoopResultBuilder]: For program point L113-1(lines 109 120) no Hoare annotation was computed. [2022-07-13 17:59:53,673 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 109 120) no Hoare annotation was computed. [2022-07-13 17:59:53,673 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 109 120) the Hoare annotation is: (let ((.cse0 (not (= ~pumpRunning~0 0)))) (and (or .cse0 (= |old(~waterLevel~0)| ~waterLevel~0) (not (<= 2 |old(~waterLevel~0)|))) (or .cse0 (not (= |old(~waterLevel~0)| 1)) (= ~waterLevel~0 1)))) [2022-07-13 17:59:53,676 INFO L356 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1] [2022-07-13 17:59:53,677 INFO L176 ceAbstractionStarter]: Computing trace abstraction results [2022-07-13 17:59:53,702 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 13.07 05:59:53 BoogieIcfgContainer [2022-07-13 17:59:53,702 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-07-13 17:59:53,702 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-07-13 17:59:53,703 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-07-13 17:59:53,703 INFO L275 PluginConnector]: Witness Printer initialized [2022-07-13 17:59:53,703 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 13.07 05:59:50" (3/4) ... [2022-07-13 17:59:53,705 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-07-13 17:59:53,710 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2022-07-13 17:59:53,710 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-07-13 17:59:53,710 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-07-13 17:59:53,711 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-07-13 17:59:53,711 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-07-13 17:59:53,711 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-07-13 17:59:53,716 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 50 nodes and edges [2022-07-13 17:59:53,716 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 22 nodes and edges [2022-07-13 17:59:53,716 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 11 nodes and edges [2022-07-13 17:59:53,717 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-07-13 17:59:53,717 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 2 nodes and edges [2022-07-13 17:59:53,717 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-07-13 17:59:53,717 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-07-13 17:59:53,737 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((pumpRunning == 0 && 1 == systemActive) && \result == systemActive) && waterLevel == 1 [2022-07-13 17:59:53,737 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((tmp == systemActive && pumpRunning == 0) && 1 == systemActive) && \result == systemActive) && waterLevel == 1 [2022-07-13 17:59:53,737 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((waterLevel == tmp && pumpRunning == 0) && \result == waterLevel) && splverifierCounter == 0) && waterLevel == 1) || ((pumpRunning == 0 && 2 <= waterLevel) && splverifierCounter == 0) [2022-07-13 17:59:53,738 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) [2022-07-13 17:59:53,738 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((pumpRunning == 0 && waterLevel == 1) && !(0 == systemActive)) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) && ((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && !(0 == systemActive))) || !(2 <= \old(waterLevel))) [2022-07-13 17:59:53,738 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((pumpRunning == 0 && 2 <= waterLevel) && 1 == systemActive) && splverifierCounter == 0) || (((((waterLevel == tmp && pumpRunning == 0) && \result == waterLevel) && 1 == systemActive) && splverifierCounter == 0) && waterLevel == 1) [2022-07-13 17:59:53,738 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && !(\result == 0)) && \old(waterLevel) == waterLevel)) || !(2 <= \old(waterLevel))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || ((pumpRunning == 0 && !(\result == 0)) && waterLevel == 1)) [2022-07-13 17:59:53,739 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((waterLevel == tmp && pumpRunning == 0) && \result == waterLevel) && splverifierCounter == 0) && waterLevel == 1) || ((pumpRunning == 0 && 2 <= waterLevel) && splverifierCounter == 0) [2022-07-13 17:59:53,739 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (((pumpRunning == 0 && !(tmp == 0)) && !(\result == 0)) && waterLevel == 1)) && ((!(\old(pumpRunning) == 0) || (((pumpRunning == 0 && !(tmp == 0)) && !(\result == 0)) && \old(waterLevel) == waterLevel)) || !(2 <= \old(waterLevel))) [2022-07-13 17:59:53,739 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) [2022-07-13 17:59:53,739 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) [2022-07-13 17:59:53,739 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) [2022-07-13 17:59:53,739 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) [2022-07-13 17:59:53,753 INFO L141 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2022-07-13 17:59:53,753 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-07-13 17:59:53,753 INFO L158 Benchmark]: Toolchain (without parser) took 4007.90ms. Allocated memory was 94.4MB in the beginning and 115.3MB in the end (delta: 21.0MB). Free memory was 60.4MB in the beginning and 69.6MB in the end (delta: -9.2MB). Peak memory consumption was 11.8MB. Max. memory is 16.1GB. [2022-07-13 17:59:53,753 INFO L158 Benchmark]: CDTParser took 0.17ms. Allocated memory is still 94.4MB. Free memory was 49.1MB in the beginning and 49.0MB in the end (delta: 83.9kB). There was no memory consumed. Max. memory is 16.1GB. [2022-07-13 17:59:53,754 INFO L158 Benchmark]: CACSL2BoogieTranslator took 325.50ms. Allocated memory is still 94.4MB. Free memory was 60.4MB in the beginning and 61.9MB in the end (delta: -1.5MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. [2022-07-13 17:59:53,754 INFO L158 Benchmark]: Boogie Procedure Inliner took 64.76ms. Allocated memory is still 94.4MB. Free memory was 61.9MB in the beginning and 59.5MB in the end (delta: 2.4MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-07-13 17:59:53,754 INFO L158 Benchmark]: Boogie Preprocessor took 39.47ms. Allocated memory is still 94.4MB. Free memory was 59.5MB in the beginning and 58.2MB in the end (delta: 1.3MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-07-13 17:59:53,754 INFO L158 Benchmark]: RCFGBuilder took 378.12ms. Allocated memory is still 94.4MB. Free memory was 57.8MB in the beginning and 42.7MB in the end (delta: 15.1MB). Peak memory consumption was 14.7MB. Max. memory is 16.1GB. [2022-07-13 17:59:53,754 INFO L158 Benchmark]: TraceAbstraction took 3144.35ms. Allocated memory was 94.4MB in the beginning and 115.3MB in the end (delta: 21.0MB). Free memory was 42.2MB in the beginning and 74.8MB in the end (delta: -32.6MB). Peak memory consumption was 33.4MB. Max. memory is 16.1GB. [2022-07-13 17:59:53,755 INFO L158 Benchmark]: Witness Printer took 50.45ms. Allocated memory is still 115.3MB. Free memory was 74.8MB in the beginning and 69.6MB in the end (delta: 5.2MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2022-07-13 17:59:53,756 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.17ms. Allocated memory is still 94.4MB. Free memory was 49.1MB in the beginning and 49.0MB in the end (delta: 83.9kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 325.50ms. Allocated memory is still 94.4MB. Free memory was 60.4MB in the beginning and 61.9MB in the end (delta: -1.5MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 64.76ms. Allocated memory is still 94.4MB. Free memory was 61.9MB in the beginning and 59.5MB in the end (delta: 2.4MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 39.47ms. Allocated memory is still 94.4MB. Free memory was 59.5MB in the beginning and 58.2MB in the end (delta: 1.3MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 378.12ms. Allocated memory is still 94.4MB. Free memory was 57.8MB in the beginning and 42.7MB in the end (delta: 15.1MB). Peak memory consumption was 14.7MB. Max. memory is 16.1GB. * TraceAbstraction took 3144.35ms. Allocated memory was 94.4MB in the beginning and 115.3MB in the end (delta: 21.0MB). Free memory was 42.2MB in the beginning and 74.8MB in the end (delta: -32.6MB). Peak memory consumption was 33.4MB. Max. memory is 16.1GB. * Witness Printer took 50.45ms. Allocated memory is still 115.3MB. Free memory was 74.8MB in the beginning and 69.6MB in the end (delta: 5.2MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 653]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 7 procedures, 77 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 3.1s, OverallIterations: 6, TraceHistogramMax: 2, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 0.8s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.8s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 549 SdHoareTripleChecker+Valid, 0.4s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 545 mSDsluCounter, 1579 SdHoareTripleChecker+Invalid, 0.3s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 1114 mSDsCounter, 99 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 405 IncrementalHoareTripleChecker+Invalid, 504 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 99 mSolverCounterUnsat, 465 mSDtfsCounter, 405 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 153 GetRequests, 114 SyntacticMatches, 1 SemanticMatches, 38 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 60 ImplicationChecksByTransitivity, 0.2s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=378occurred in iteration=4, InterpolantAutomatonStates: 32, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.1s AutomataMinimizationTime, 6 MinimizatonAttempts, 43 StatesRemovedByMinimization, 3 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 36 LocationsWithAnnotation, 486 PreInvPairs, 546 NumberOfFragments, 523 HoareAnnotationTreeSize, 486 FomulaSimplifications, 289 FormulaSimplificationTreeSizeReduction, 0.1s HoareSimplificationTime, 36 FomulaSimplificationsInter, 2313 FormulaSimplificationTreeSizeReductionInter, 0.7s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 0.7s InterpolantComputationTime, 230 NumberOfCodeBlocks, 230 NumberOfCodeBlocksAsserted, 7 NumberOfCheckSat, 276 ConstructedInterpolants, 0 QuantifiedInterpolants, 753 SizeOfPredicates, 0 NumberOfNonLiveVariables, 370 ConjunctsInSsa, 9 ConjunctsInUnsatCore, 8 InterpolantComputations, 5 PerfectInterpolantSequences, 51/57 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 873]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 249]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 97]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) - InvariantResult [Line: 174]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) - InvariantResult [Line: 659]: Loop Invariant Derived loop invariant: ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (((pumpRunning == 0 && !(tmp == 0)) && !(\result == 0)) && waterLevel == 1)) && ((!(\old(pumpRunning) == 0) || (((pumpRunning == 0 && !(tmp == 0)) && !(\result == 0)) && \old(waterLevel) == waterLevel)) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 78]: Loop Invariant Derived loop invariant: ((pumpRunning == 0 && 1 == systemActive) && \result == systemActive) && waterLevel == 1 - InvariantResult [Line: 855]: Loop Invariant Derived loop invariant: (((pumpRunning == 0 && 2 <= waterLevel) && 1 == systemActive) && splverifierCounter == 0) || (((((waterLevel == tmp && pumpRunning == 0) && \result == waterLevel) && 1 == systemActive) && splverifierCounter == 0) && waterLevel == 1) - InvariantResult [Line: 64]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 165]: Loop Invariant Derived loop invariant: ((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && !(\result == 0)) && \old(waterLevel) == waterLevel)) || !(2 <= \old(waterLevel))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || ((pumpRunning == 0 && !(\result == 0)) && waterLevel == 1)) - InvariantResult [Line: 776]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) - InvariantResult [Line: 724]: Loop Invariant Derived loop invariant: ((((pumpRunning == 0 && waterLevel == 1) && !(0 == systemActive)) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) && ((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && !(0 == systemActive))) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 649]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) - InvariantResult [Line: 874]: Loop Invariant Derived loop invariant: ((((waterLevel == tmp && pumpRunning == 0) && \result == waterLevel) && splverifierCounter == 0) && waterLevel == 1) || ((pumpRunning == 0 && 2 <= waterLevel) && splverifierCounter == 0) - InvariantResult [Line: 821]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) - InvariantResult [Line: 71]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 241]: Loop Invariant Derived loop invariant: (((tmp == systemActive && pumpRunning == 0) && 1 == systemActive) && \result == systemActive) && waterLevel == 1 - InvariantResult [Line: 196]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 864]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 186]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 840]: Loop Invariant Derived loop invariant: ((((waterLevel == tmp && pumpRunning == 0) && \result == waterLevel) && splverifierCounter == 0) && waterLevel == 1) || ((pumpRunning == 0 && 2 <= waterLevel) && splverifierCounter == 0) - InvariantResult [Line: 259]: Loop Invariant Derived loop invariant: 1 RESULT: Ultimate proved your program to be correct! [2022-07-13 17:59:53,796 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE